grpc 1.28.0 → 1.37.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of grpc might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Makefile +1734 -22357
- data/etc/roots.pem +257 -573
- data/include/grpc/compression.h +1 -1
- data/include/grpc/grpc.h +31 -9
- data/include/grpc/grpc_security.h +274 -180
- data/include/grpc/grpc_security_constants.h +4 -0
- data/include/grpc/impl/codegen/README.md +22 -0
- data/include/grpc/impl/codegen/atm_windows.h +4 -0
- data/include/grpc/impl/codegen/byte_buffer.h +1 -1
- data/include/grpc/impl/codegen/grpc_types.h +32 -30
- data/include/grpc/impl/codegen/log.h +0 -2
- data/include/grpc/impl/codegen/port_platform.h +36 -90
- data/include/grpc/impl/codegen/sync_windows.h +4 -0
- data/include/grpc/module.modulemap +24 -39
- data/include/grpc/slice_buffer.h +3 -3
- data/include/grpc/support/sync.h +3 -3
- data/include/grpc/support/time.h +7 -7
- data/src/core/ext/filters/client_channel/backend_metric.cc +16 -12
- data/src/core/ext/filters/client_channel/backup_poller.cc +3 -2
- data/src/core/ext/filters/client_channel/client_channel.cc +3845 -2414
- data/src/core/ext/filters/client_channel/client_channel.h +1 -7
- data/src/core/ext/filters/client_channel/client_channel_channelz.h +0 -3
- data/src/core/ext/filters/client_channel/client_channel_factory.h +2 -1
- data/src/core/ext/filters/client_channel/client_channel_plugin.cc +4 -3
- data/src/core/ext/filters/client_channel/config_selector.cc +58 -0
- data/src/core/ext/filters/client_channel/config_selector.h +133 -0
- data/src/core/ext/filters/client_channel/dynamic_filters.cc +191 -0
- data/src/core/ext/filters/client_channel/dynamic_filters.h +99 -0
- data/src/core/ext/filters/client_channel/global_subchannel_pool.cc +26 -122
- data/src/core/ext/filters/client_channel/global_subchannel_pool.h +15 -10
- data/src/core/ext/filters/client_channel/health/health_check_client.cc +25 -30
- data/src/core/ext/filters/client_channel/health/health_check_client.h +7 -7
- data/src/core/ext/filters/client_channel/http_connect_handshaker.cc +15 -16
- data/src/core/ext/filters/client_channel/http_proxy.cc +44 -34
- data/src/core/ext/filters/client_channel/lb_policy.cc +28 -20
- data/src/core/ext/filters/client_channel/lb_policy.h +50 -38
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.cc +96 -0
- data/src/core/ext/filters/client_channel/lb_policy/address_filtering.h +101 -0
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.cc +20 -11
- data/src/core/ext/filters/client_channel/lb_policy/child_policy_handler.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.cc +481 -510
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.cc +76 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_balancer_addresses.h +37 -0
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel.h +1 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_channel_secure.cc +6 -41
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.cc +3 -1
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb_client_stats.h +3 -2
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.cc +3 -3
- data/src/core/ext/filters/client_channel/lb_policy/grpclb/load_balancer_api.h +1 -1
- data/src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc +24 -18
- data/src/core/ext/filters/client_channel/lb_policy/priority/priority.cc +922 -0
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.cc +23 -0
- data/src/core/ext/filters/client_channel/lb_policy/ring_hash/ring_hash.h +27 -0
- data/src/core/ext/filters/client_channel/lb_policy/round_robin/round_robin.cc +11 -10
- data/src/core/ext/filters/client_channel/lb_policy/subchannel_list.h +18 -46
- data/src/core/ext/filters/client_channel/lb_policy/weighted_target/weighted_target.cc +744 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/cds.cc +520 -134
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.h +53 -26
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h +29 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_impl.cc +795 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_manager.cc +722 -0
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds_cluster_resolver.cc +1384 -0
- data/src/core/ext/filters/client_channel/lb_policy_registry.cc +18 -8
- data/src/core/ext/filters/client_channel/local_subchannel_pool.cc +27 -67
- data/src/core/ext/filters/client_channel/local_subchannel_pool.h +12 -10
- data/src/core/ext/filters/client_channel/resolver.cc +9 -10
- data/src/core/ext/filters/client_channel/resolver.h +10 -20
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/dns_resolver_ares.cc +111 -110
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.h +4 -34
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_libuv.cc +22 -24
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_posix.cc +15 -13
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver_windows.cc +82 -123
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.cc +642 -184
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper.h +10 -3
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_libuv.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_windows.cc +1 -1
- data/src/core/ext/filters/client_channel/resolver/dns/native/dns_resolver.cc +61 -61
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.cc +102 -108
- data/src/core/ext/filters/client_channel/resolver/fake/fake_resolver.h +1 -5
- data/src/core/ext/filters/client_channel/resolver/google_c2p/google_c2p_resolver.cc +377 -0
- data/src/core/ext/filters/client_channel/resolver/sockaddr/sockaddr_resolver.cc +38 -31
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.cc +829 -46
- data/src/core/ext/filters/client_channel/resolver/xds/xds_resolver.h +28 -0
- data/src/core/ext/filters/client_channel/resolver_factory.h +8 -8
- data/src/core/ext/filters/client_channel/resolver_registry.cc +55 -52
- data/src/core/ext/filters/client_channel/resolver_registry.h +10 -10
- data/src/core/ext/filters/client_channel/resolver_result_parsing.cc +47 -93
- data/src/core/ext/filters/client_channel/resolver_result_parsing.h +30 -26
- data/src/core/ext/filters/client_channel/retry_throttle.cc +5 -3
- data/src/core/ext/filters/client_channel/retry_throttle.h +4 -2
- data/src/core/ext/filters/client_channel/server_address.cc +132 -13
- data/src/core/ext/filters/client_channel/server_address.h +80 -32
- data/src/core/ext/filters/client_channel/service_config.cc +114 -149
- data/src/core/ext/filters/client_channel/service_config.h +33 -100
- data/src/core/ext/filters/client_channel/service_config_call_data.h +86 -0
- data/src/core/ext/filters/client_channel/service_config_channel_arg_filter.cc +142 -0
- data/src/core/ext/filters/client_channel/service_config_parser.cc +89 -0
- data/src/core/ext/filters/client_channel/service_config_parser.h +92 -0
- data/src/core/ext/filters/client_channel/subchannel.cc +211 -230
- data/src/core/ext/filters/client_channel/subchannel.h +116 -118
- data/src/core/ext/filters/client_channel/subchannel_interface.h +41 -5
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.cc +16 -2
- data/src/core/ext/filters/client_channel/subchannel_pool_interface.h +16 -10
- data/src/core/ext/filters/client_idle/client_idle_filter.cc +1 -1
- data/src/core/ext/filters/deadline/deadline_filter.cc +87 -79
- data/src/core/ext/filters/deadline/deadline_filter.h +7 -11
- data/src/core/ext/filters/fault_injection/fault_injection_filter.cc +495 -0
- data/src/core/ext/filters/fault_injection/fault_injection_filter.h +39 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.cc +189 -0
- data/src/core/ext/filters/fault_injection/service_config_parser.h +85 -0
- data/src/core/ext/filters/http/client/http_client_filter.cc +29 -34
- data/src/core/ext/filters/http/client_authority_filter.cc +10 -10
- data/src/core/ext/filters/http/http_filters_plugin.cc +34 -15
- data/src/core/ext/filters/http/message_compress/message_compress_filter.cc +258 -221
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.cc +399 -0
- data/src/core/ext/filters/http/message_compress/message_decompress_filter.h +31 -0
- data/src/core/ext/filters/http/server/http_server_filter.cc +3 -3
- data/src/core/ext/filters/max_age/max_age_filter.cc +38 -34
- data/src/core/ext/filters/message_size/message_size_filter.cc +64 -90
- data/src/core/ext/filters/message_size/message_size_filter.h +12 -5
- data/src/core/ext/filters/workarounds/workaround_cronet_compression_filter.cc +1 -1
- data/src/core/ext/filters/workarounds/workaround_utils.cc +1 -1
- data/src/core/ext/transport/chttp2/client/authority.cc +3 -3
- data/src/core/ext/transport/chttp2/client/chttp2_connector.cc +87 -31
- data/src/core/ext/transport/chttp2/client/chttp2_connector.h +19 -2
- data/src/core/ext/transport/chttp2/client/insecure/channel_create.cc +23 -10
- data/src/core/ext/transport/chttp2/client/insecure/channel_create_posix.cc +21 -10
- data/src/core/ext/transport/chttp2/client/secure/secure_channel_create.cc +37 -49
- data/src/core/ext/transport/chttp2/server/chttp2_server.cc +803 -355
- data/src/core/ext/transport/chttp2/server/chttp2_server.h +16 -2
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2.cc +13 -3
- data/src/core/ext/transport/chttp2/server/insecure/server_chttp2_posix.cc +19 -18
- data/src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc +65 -21
- data/src/core/ext/transport/chttp2/transport/bin_decoder.cc +7 -7
- data/src/core/ext/transport/chttp2/transport/bin_encoder.cc +4 -6
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.cc +343 -347
- data/src/core/ext/transport/chttp2/transport/chttp2_transport.h +13 -1
- data/src/core/ext/transport/chttp2/transport/flow_control.cc +36 -33
- data/src/core/ext/transport/chttp2/transport/flow_control.h +27 -19
- data/src/core/ext/transport/chttp2/transport/frame_data.cc +14 -13
- data/src/core/ext/transport/chttp2/transport/frame_goaway.cc +6 -7
- data/src/core/ext/transport/chttp2/transport/frame_goaway.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_ping.cc +5 -6
- data/src/core/ext/transport/chttp2/transport/frame_ping.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.cc +12 -13
- data/src/core/ext/transport/chttp2/transport/frame_rst_stream.h +2 -3
- data/src/core/ext/transport/chttp2/transport/frame_settings.cc +8 -9
- data/src/core/ext/transport/chttp2/transport/frame_settings.h +4 -4
- data/src/core/ext/transport/chttp2/transport/frame_window_update.cc +15 -18
- data/src/core/ext/transport/chttp2/transport/frame_window_update.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.cc +30 -17
- data/src/core/ext/transport/chttp2/transport/hpack_encoder.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_parser.cc +37 -37
- data/src/core/ext/transport/chttp2/transport/hpack_parser.h +2 -3
- data/src/core/ext/transport/chttp2/transport/hpack_table.cc +13 -17
- data/src/core/ext/transport/chttp2/transport/hpack_table.h +2 -2
- data/src/core/ext/transport/chttp2/transport/http2_settings.h +4 -5
- data/src/core/ext/transport/chttp2/transport/huffsyms.h +2 -3
- data/src/core/ext/transport/chttp2/transport/internal.h +38 -23
- data/src/core/ext/transport/chttp2/transport/parsing.cc +52 -74
- data/src/core/ext/transport/chttp2/transport/stream_map.h +2 -3
- data/src/core/ext/transport/chttp2/transport/writing.cc +30 -28
- data/src/core/ext/transport/inproc/inproc_transport.cc +106 -33
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.c +406 -0
- data/src/core/ext/upb-generated/envoy/admin/v3/config_dump.upb.h +1459 -0
- data/src/core/ext/upb-generated/envoy/annotations/deprecation.upb.h +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.c +1 -1
- data/src/core/ext/upb-generated/envoy/annotations/resource.upb.h +10 -4
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.c +243 -0
- data/src/core/ext/upb-generated/envoy/config/accesslog/v3/accesslog.upb.h +865 -0
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.c +350 -0
- data/src/core/ext/upb-generated/envoy/config/bootstrap/v3/bootstrap.upb.h +1348 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.c +74 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/circuit_breaker.upb.h +253 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.c +453 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/cluster.upb.h +1801 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/filter.upb.h +77 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.c +56 -0
- data/src/core/ext/upb-generated/envoy/config/cluster/v3/outlier_detection.upb.h +364 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.c +124 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/address.upb.h +428 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/backoff.upb.h +88 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.c +334 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/base.upb.h +1066 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.c +103 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/config_source.upb.h +388 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/event_service_config.upb.h +78 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/extension.upb.h +149 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.c +241 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/grpc_service.upb.h +839 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.c +170 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/health_check.upb.h +767 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/http_uri.upb.h +88 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.c +182 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/protocol.upb.h +755 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/proxy_protocol.upb.h +65 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/socket_option.upb.h +95 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.c +42 -0
- data/src/core/ext/upb-generated/envoy/config/core/v3/substitution_format_string.upb.h +126 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.c +90 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint.upb.h +243 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.c +91 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/endpoint_components.upb.h +305 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.c +112 -0
- data/src/core/ext/upb-generated/envoy/config/endpoint/v3/load_report.upb.h +367 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.c +33 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/api_listener.upb.h +73 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.c +130 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener.upb.h +557 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.c +159 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/listener_components.upb.h +623 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.c +40 -0
- data/src/core/ext/upb-generated/envoy/config/listener/v3/udp_listener_config.upb.h +107 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.c +144 -0
- data/src/core/ext/upb-generated/envoy/config/metrics/v3/stats.upb.h +488 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.c +141 -0
- data/src/core/ext/upb-generated/envoy/config/overload/v3/overload.upb.h +452 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.c +178 -0
- data/src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h +662 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.c +65 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route.upb.h +237 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.c +941 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/route_components.upb.h +3790 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.c +60 -0
- data/src/core/ext/upb-generated/envoy/config/route/v3/scoped_route.upb.h +159 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.c +49 -0
- data/src/core/ext/upb-generated/envoy/config/trace/v3/http_tracer.upb.h +122 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.c +29 -0
- data/src/core/ext/upb-generated/envoy/extensions/clusters/aggregate/v3/cluster.upb.h +67 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.c +79 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/common/fault/v3/fault.upb.h +268 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.c +78 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/fault/v3/fault.upb.h +281 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.c +41 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/http/router/v3/router.upb.h +113 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.c +362 -0
- data/src/core/ext/upb-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upb.h +1488 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.c +19 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/cert.upb.h +35 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.c +113 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/common.upb.h +458 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.c +73 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/secret.upb.h +219 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.c +146 -0
- data/src/core/ext/upb-generated/envoy/extensions/transport_sockets/tls/v3/tls.upb.h +621 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/rds.upb.c → service/cluster/v3/cds.upb.c} +7 -9
- data/src/core/ext/upb-generated/envoy/service/cluster/v3/cds.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.c +25 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/ads.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.c +146 -0
- data/src/core/ext/upb-generated/envoy/service/discovery/v3/discovery.upb.h +499 -0
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/service/endpoint/v3/eds.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.c +27 -0
- data/src/core/ext/upb-generated/envoy/service/listener/v3/lds.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.c +54 -0
- data/src/core/ext/upb-generated/envoy/service/load_stats/v3/lrs.upb.h +151 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/srds.upb.c → service/route/v3/rds.upb.c} +7 -7
- data/src/core/ext/upb-generated/envoy/service/route/v3/rds.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/{api/v2/cds.upb.c → service/route/v3/srds.upb.c} +7 -7
- data/src/core/ext/upb-generated/envoy/service/route/v3/srds.upb.h +56 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.c +93 -0
- data/src/core/ext/upb-generated/envoy/service/status/v3/csds.upb.h +323 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.c +47 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/metadata.upb.h +128 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.c +36 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/node.upb.h +90 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.c +35 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/number.upb.h +84 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.c +34 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/path.upb.h +78 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.c +64 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/regex.upb.h +166 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.c +53 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/string.upb.h +146 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.c +46 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/struct.upb.h +124 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.c +63 -0
- data/src/core/ext/upb-generated/envoy/type/matcher/v3/value.upb.h +207 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.c +88 -0
- data/src/core/ext/upb-generated/envoy/type/metadata/v3/metadata.upb.h +301 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.c +90 -0
- data/src/core/ext/upb-generated/envoy/type/tracing/v3/custom_tag.upb.h +283 -0
- data/src/core/ext/upb-generated/envoy/type/{http.upb.c → v3/http.upb.c} +3 -2
- data/src/core/ext/upb-generated/envoy/type/{http.upb.h → v3/http.upb.h} +9 -9
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.c +40 -0
- data/src/core/ext/upb-generated/envoy/type/v3/percent.upb.h +99 -0
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.c +51 -0
- data/src/core/ext/upb-generated/envoy/type/v3/range.upb.h +130 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.c +30 -0
- data/src/core/ext/upb-generated/envoy/type/v3/semantic_version.upb.h +68 -0
- data/src/core/ext/upb-generated/google/api/annotations.upb.h +1 -1
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.c +242 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/checked.upb.h +830 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.c +251 -0
- data/src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h +871 -0
- data/src/core/ext/upb-generated/google/api/http.upb.c +3 -3
- data/src/core/ext/upb-generated/google/api/http.upb.h +52 -32
- data/src/core/ext/upb-generated/google/protobuf/any.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/any.upb.h +12 -6
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.c +107 -106
- data/src/core/ext/upb-generated/google/protobuf/descriptor.upb.h +691 -496
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/duration.upb.h +12 -6
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/empty.upb.h +8 -2
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.c +5 -5
- data/src/core/ext/upb-generated/google/protobuf/struct.upb.h +55 -57
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.c +1 -1
- data/src/core/ext/upb-generated/google/protobuf/timestamp.upb.h +12 -6
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.c +9 -9
- data/src/core/ext/upb-generated/google/protobuf/wrappers.upb.h +82 -28
- data/src/core/ext/upb-generated/google/rpc/status.upb.c +1 -1
- data/src/core/ext/upb-generated/google/rpc/status.upb.h +17 -10
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/altscontext.upb.h +40 -45
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c +43 -43
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.h +236 -184
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c +5 -5
- data/src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.h +29 -13
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.c +2 -2
- data/src/core/ext/upb-generated/src/proto/grpc/health/v1/health.upb.h +19 -7
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.c +17 -17
- data/src/core/ext/upb-generated/src/proto/grpc/lb/v1/load_balancer.upb.h +122 -62
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.c +3 -3
- data/src/core/ext/upb-generated/udpa/annotations/migrate.upb.h +30 -12
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.c +31 -0
- data/src/core/ext/upb-generated/udpa/annotations/security.upb.h +64 -0
- data/src/core/ext/upb-generated/udpa/annotations/sensitive.upb.h +1 -1
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.c +28 -0
- data/src/core/ext/upb-generated/udpa/annotations/status.upb.h +71 -0
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.c +27 -0
- data/src/core/ext/upb-generated/udpa/annotations/versioning.upb.h +60 -0
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.c +9 -9
- data/src/core/ext/upb-generated/udpa/data/orca/v1/orca_load_report.upb.h +48 -68
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.c +33 -0
- data/src/core/ext/upb-generated/udpa/type/v1/typed_struct.upb.h +77 -0
- data/src/core/ext/upb-generated/validate/validate.upb.c +71 -70
- data/src/core/ext/upb-generated/validate/validate.upb.h +732 -586
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.c +28 -0
- data/src/core/ext/upb-generated/xds/core/v3/authority.upb.h +60 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.c +52 -0
- data/src/core/ext/upb-generated/xds/core/v3/collection_entry.upb.h +143 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.c +42 -0
- data/src/core/ext/upb-generated/xds/core/v3/context_params.upb.h +84 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource.upb.h +94 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.c +54 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_locator.upb.h +166 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.c +36 -0
- data/src/core/ext/upb-generated/xds/core/v3/resource_name.upb.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.c +354 -0
- data/src/core/ext/upbdefs-generated/envoy/admin/v3/config_dump.upbdefs.h +140 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.c +38 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/deprecation.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.c +41 -0
- data/src/core/ext/upbdefs-generated/envoy/annotations/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.c +251 -0
- data/src/core/ext/upbdefs-generated/envoy/config/accesslog/v3/accesslog.upbdefs.h +105 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.c +383 -0
- data/src/core/ext/upbdefs-generated/envoy/config/bootstrap/v3/bootstrap.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.c +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/circuit_breaker.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.c +543 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/cluster.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/filter.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.c +136 -0
- data/src/core/ext/upbdefs-generated/envoy/config/cluster/v3/outlier_detection.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.c +127 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/address.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/backoff.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.c +272 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/base.upbdefs.h +135 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.c +143 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/config_source.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/event_service_config.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/extension.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.c +263 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/grpc_service.upbdefs.h +100 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.c +233 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/health_check.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/http_uri.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.c +231 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/protocol.upbdefs.h +85 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/proxy_protocol.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/socket_option.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.c +68 -0
- data/src/core/ext/upbdefs-generated/envoy/config/core/v3/substitution_format_string.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.c +107 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.c +113 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/endpoint_components.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.c +146 -0
- data/src/core/ext/upbdefs-generated/envoy/config/endpoint/v3/load_report.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/api_listener.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.c +195 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.c +193 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/listener_components.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/config/listener/v3/udp_listener_config.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/metrics/v3/stats.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.c +141 -0
- data/src/core/ext/upbdefs-generated/envoy/config/overload/v3/overload.upbdefs.h +70 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.c +101 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.c +944 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/route_components.upbdefs.h +290 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.c +71 -0
- data/src/core/ext/upbdefs-generated/envoy/config/route/v3/scoped_route.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/envoy/config/trace/v3/http_tracer.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.c +51 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/clusters/aggregate/v3/cluster.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.c +102 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/common/fault/v3/fault.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.c +120 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/fault/v3/fault.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.c +76 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/http/router/v3/router.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.c +505 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.upbdefs.h +115 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/cert.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.c +170 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/common.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.c +97 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/secret.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.c +246 -0
- data/src/core/ext/upbdefs-generated/envoy/extensions/transport_sockets/tls/v3/tls.upbdefs.h +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/cluster/v3/cds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.c +60 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/ads.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.c +142 -0
- data/src/core/ext/upbdefs-generated/envoy/service/discovery/v3/discovery.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/service/endpoint/v3/eds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.c +72 -0
- data/src/core/ext/upbdefs-generated/envoy/service/listener/v3/lds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/load_stats/v3/lrs.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.c +80 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/rds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.c +74 -0
- data/src/core/ext/upbdefs-generated/envoy/service/route/v3/srds.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.c +130 -0
- data/src/core/ext/upbdefs-generated/envoy/service/status/v3/csds.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.c +64 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/metadata.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/node.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/number.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.c +53 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/path.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.c +73 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/regex.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.c +69 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/string.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.c +63 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/struct.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.c +81 -0
- data/src/core/ext/upbdefs-generated/envoy/type/matcher/v3/value.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.c +92 -0
- data/src/core/ext/upbdefs-generated/envoy/type/metadata/v3/metadata.upbdefs.h +65 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.c +95 -0
- data/src/core/ext/upbdefs-generated/envoy/type/tracing/v3/custom_tag.upbdefs.h +55 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/http.upbdefs.c +34 -0
- data/src/core/ext/{upb-generated/gogoproto/gogo.upb.h → upbdefs-generated/envoy/type/v3/http.upbdefs.h} +10 -10
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.c +59 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/percent.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.c +54 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/range.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.c +47 -0
- data/src/core/ext/upbdefs-generated/envoy/type/v3/semantic_version.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/api/annotations.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.c +61 -0
- data/src/core/ext/upbdefs-generated/google/api/http.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.c +39 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/any.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.c +386 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/descriptor.upbdefs.h +165 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/duration.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.c +37 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/empty.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.c +65 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/struct.upbdefs.h +50 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.c +40 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/timestamp.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.c +66 -0
- data/src/core/ext/upbdefs-generated/google/protobuf/wrappers.upbdefs.h +75 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/google/rpc/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.c +70 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/migrate.upbdefs.h +45 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.c +56 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/security.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.c +33 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/sensitive.upbdefs.h +30 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/status.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.c +43 -0
- data/src/core/ext/upbdefs-generated/udpa/annotations/versioning.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.c +44 -0
- data/src/core/ext/upbdefs-generated/udpa/type/v1/typed_struct.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.c +310 -0
- data/src/core/ext/upbdefs-generated/validate/validate.upbdefs.h +145 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.c +42 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/authority.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.c +62 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/collection_entry.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.c +45 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/context_params.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.c +49 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource.upbdefs.h +35 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.c +67 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_locator.upbdefs.h +40 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.c +50 -0
- data/src/core/ext/upbdefs-generated/xds/core/v3/resource_name.upbdefs.h +35 -0
- data/src/core/ext/xds/certificate_provider_factory.h +61 -0
- data/src/core/ext/xds/certificate_provider_registry.cc +103 -0
- data/src/core/ext/xds/certificate_provider_registry.h +57 -0
- data/src/core/ext/xds/certificate_provider_store.cc +87 -0
- data/src/core/ext/xds/certificate_provider_store.h +112 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.cc +144 -0
- data/src/core/ext/xds/file_watcher_certificate_provider_factory.h +69 -0
- data/src/core/ext/xds/xds_api.cc +3791 -0
- data/src/core/ext/xds/xds_api.h +671 -0
- data/src/core/ext/xds/xds_bootstrap.cc +555 -0
- data/src/core/ext/xds/xds_bootstrap.h +120 -0
- data/src/core/ext/xds/xds_certificate_provider.cc +405 -0
- data/src/core/ext/xds/xds_certificate_provider.h +151 -0
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_channel_args.h +9 -6
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_client.cc +983 -773
- data/src/core/ext/xds/xds_client.h +365 -0
- data/src/core/ext/xds/xds_client_stats.cc +159 -0
- data/src/core/ext/{filters/client_channel/xds → xds}/xds_client_stats.h +80 -40
- data/src/core/ext/xds/xds_http_fault_filter.cc +226 -0
- data/src/core/ext/xds/xds_http_fault_filter.h +63 -0
- data/src/core/ext/xds/xds_http_filters.cc +114 -0
- data/src/core/ext/xds/xds_http_filters.h +130 -0
- data/src/core/ext/xds/xds_server_config_fetcher.cc +532 -0
- data/src/core/lib/channel/channel_args.cc +24 -22
- data/src/core/lib/channel/channel_args.h +3 -2
- data/src/core/lib/channel/channel_stack.cc +12 -0
- data/src/core/lib/channel/channel_stack.h +27 -13
- data/src/core/lib/channel/channel_trace.cc +6 -8
- data/src/core/lib/channel/channel_trace.h +1 -1
- data/src/core/lib/channel/channelz.cc +137 -97
- data/src/core/lib/channel/channelz.h +47 -26
- data/src/core/lib/channel/channelz_registry.cc +34 -15
- data/src/core/lib/channel/channelz_registry.h +3 -1
- data/src/core/lib/channel/connected_channel.cc +7 -5
- data/src/core/lib/channel/context.h +1 -1
- data/src/core/lib/channel/handshaker.cc +15 -59
- data/src/core/lib/channel/handshaker.h +7 -22
- data/src/core/lib/channel/handshaker_registry.cc +5 -17
- data/src/core/lib/channel/status_util.cc +14 -5
- data/src/core/lib/channel/status_util.h +5 -0
- data/src/core/lib/compression/compression.cc +8 -4
- data/src/core/lib/compression/compression_args.cc +3 -2
- data/src/core/lib/compression/compression_internal.cc +10 -5
- data/src/core/lib/compression/compression_internal.h +2 -1
- data/src/core/lib/compression/message_compress.cc +5 -1
- data/src/core/lib/compression/stream_compression_identity.cc +1 -3
- data/src/core/lib/debug/stats.cc +21 -27
- data/src/core/lib/debug/stats.h +5 -3
- data/src/core/lib/debug/stats_data.cc +1 -0
- data/src/core/lib/debug/stats_data.h +13 -13
- data/src/core/lib/gpr/alloc.cc +3 -2
- data/src/core/lib/gpr/cpu_iphone.cc +10 -2
- data/src/core/lib/gpr/log.cc +59 -17
- data/src/core/lib/gpr/log_linux.cc +23 -9
- data/src/core/lib/gpr/log_posix.cc +19 -7
- data/src/core/lib/gpr/log_windows.cc +18 -4
- data/src/core/lib/gpr/murmur_hash.cc +1 -1
- data/src/core/lib/gpr/spinlock.h +12 -5
- data/src/core/lib/gpr/string.cc +33 -55
- data/src/core/lib/gpr/string.h +9 -24
- data/src/core/lib/gpr/sync.cc +4 -4
- data/src/core/lib/gpr/sync_abseil.cc +5 -6
- data/src/core/lib/gpr/sync_posix.cc +2 -8
- data/src/core/lib/gpr/sync_windows.cc +2 -2
- data/src/core/lib/gpr/time.cc +16 -12
- data/src/core/lib/gpr/time_posix.cc +1 -1
- data/src/core/lib/gpr/time_precise.cc +5 -2
- data/src/core/lib/gpr/time_precise.h +6 -2
- data/src/core/lib/gpr/tls.h +4 -0
- data/src/core/lib/gpr/tls_msvc.h +2 -0
- data/src/core/lib/gpr/tls_stdcpp.h +48 -0
- data/src/core/lib/gpr/useful.h +5 -4
- data/src/core/lib/gprpp/arena.h +3 -2
- data/src/core/lib/gprpp/atomic.h +9 -9
- data/src/core/lib/gprpp/dual_ref_counted.h +331 -0
- data/src/core/lib/gprpp/examine_stack.cc +43 -0
- data/src/core/lib/gprpp/examine_stack.h +46 -0
- data/src/core/lib/gprpp/fork.cc +3 -3
- data/src/core/lib/gprpp/global_config_env.cc +8 -6
- data/src/core/lib/gprpp/host_port.cc +29 -35
- data/src/core/lib/gprpp/host_port.h +14 -17
- data/src/core/lib/gprpp/manual_constructor.h +1 -1
- data/src/core/lib/gprpp/mpscq.cc +2 -2
- data/src/core/lib/gprpp/orphanable.h +4 -8
- data/src/core/lib/gprpp/ref_counted.h +91 -68
- data/src/core/lib/gprpp/ref_counted_ptr.h +173 -7
- data/src/core/lib/gprpp/stat.h +38 -0
- data/src/core/lib/gprpp/stat_posix.cc +49 -0
- data/src/core/lib/gprpp/stat_windows.cc +48 -0
- data/src/core/lib/gprpp/sync.h +129 -40
- data/src/core/lib/gprpp/thd.h +3 -3
- data/src/core/lib/gprpp/thd_posix.cc +42 -37
- data/src/core/lib/gprpp/thd_windows.cc +3 -1
- data/src/core/lib/gprpp/time_util.cc +77 -0
- data/src/core/lib/gprpp/time_util.h +42 -0
- data/src/core/lib/http/format_request.cc +46 -65
- data/src/core/lib/http/httpcli.cc +16 -14
- data/src/core/lib/http/httpcli.h +4 -6
- data/src/core/lib/http/httpcli_security_connector.cc +13 -13
- data/src/core/lib/http/parser.cc +47 -27
- data/src/core/lib/http/parser.h +2 -3
- data/src/core/lib/iomgr/buffer_list.h +23 -22
- data/src/core/lib/iomgr/call_combiner.cc +8 -5
- data/src/core/lib/iomgr/call_combiner.h +3 -2
- data/src/core/lib/iomgr/cfstream_handle.cc +6 -4
- data/src/core/lib/iomgr/closure.h +2 -3
- data/src/core/lib/iomgr/combiner.cc +2 -1
- data/src/core/lib/iomgr/dualstack_socket_posix.cc +47 -0
- data/src/core/lib/iomgr/endpoint.cc +5 -1
- data/src/core/lib/iomgr/endpoint.h +8 -4
- data/src/core/lib/iomgr/endpoint_cfstream.cc +38 -14
- data/src/core/lib/iomgr/endpoint_pair.h +2 -3
- data/src/core/lib/iomgr/endpoint_pair_posix.cc +10 -10
- data/src/core/lib/iomgr/error.cc +23 -21
- data/src/core/lib/iomgr/error.h +1 -2
- data/src/core/lib/iomgr/error_cfstream.cc +9 -8
- data/src/core/lib/iomgr/error_internal.h +1 -1
- data/src/core/lib/iomgr/ev_apple.cc +359 -0
- data/src/core/lib/iomgr/ev_apple.h +43 -0
- data/src/core/lib/iomgr/ev_epoll1_linux.cc +46 -43
- data/src/core/lib/iomgr/ev_epollex_linux.cc +46 -45
- data/src/core/lib/iomgr/ev_poll_posix.cc +18 -15
- data/src/core/lib/iomgr/ev_posix.cc +5 -6
- data/src/core/lib/iomgr/exec_ctx.cc +7 -3
- data/src/core/lib/iomgr/exec_ctx.h +26 -10
- data/src/core/lib/iomgr/executor.cc +2 -1
- data/src/core/lib/iomgr/executor.h +1 -1
- data/src/core/lib/iomgr/executor/mpmcqueue.h +5 -5
- data/src/core/lib/iomgr/executor/threadpool.h +4 -4
- data/src/core/lib/iomgr/iomgr.cc +1 -1
- data/src/core/lib/iomgr/iomgr_posix.cc +0 -1
- data/src/core/lib/iomgr/iomgr_posix_cfstream.cc +84 -21
- data/src/core/lib/iomgr/is_epollexclusive_available.cc +14 -0
- data/src/core/lib/iomgr/load_file.h +1 -1
- data/src/core/lib/iomgr/lockfree_event.cc +19 -14
- data/src/core/lib/iomgr/lockfree_event.h +2 -2
- data/src/core/lib/iomgr/parse_address.cc +322 -0
- data/src/core/lib/iomgr/parse_address.h +77 -0
- data/src/core/lib/iomgr/poller/eventmanager_libuv.cc +2 -1
- data/src/core/lib/iomgr/poller/eventmanager_libuv.h +1 -1
- data/src/core/lib/iomgr/pollset_set_custom.cc +11 -11
- data/src/core/lib/{gprpp/optional.h → iomgr/pollset_uv.h} +11 -12
- data/src/core/lib/iomgr/port.h +2 -21
- data/src/core/lib/iomgr/python_util.h +46 -0
- data/src/core/lib/iomgr/resolve_address.cc +4 -4
- data/src/core/lib/iomgr/resolve_address.h +4 -6
- data/src/core/lib/iomgr/resolve_address_custom.cc +42 -57
- data/src/core/lib/iomgr/resolve_address_custom.h +4 -2
- data/src/core/lib/iomgr/resolve_address_posix.cc +11 -16
- data/src/core/lib/iomgr/resolve_address_windows.cc +16 -25
- data/src/core/lib/iomgr/resource_quota.cc +39 -38
- data/src/core/lib/iomgr/sockaddr_utils.cc +161 -44
- data/src/core/lib/iomgr/sockaddr_utils.h +40 -19
- data/src/core/lib/iomgr/socket_factory_posix.cc +3 -2
- data/src/core/lib/iomgr/socket_factory_posix.h +2 -3
- data/src/core/lib/iomgr/socket_mutator.cc +3 -2
- data/src/core/lib/iomgr/socket_mutator.h +2 -3
- data/src/core/lib/iomgr/socket_utils_common_posix.cc +103 -81
- data/src/core/lib/iomgr/socket_utils_posix.h +3 -0
- data/src/core/lib/iomgr/socket_windows.cc +4 -5
- data/src/core/lib/iomgr/tcp_client.cc +3 -3
- data/src/core/lib/iomgr/tcp_client_cfstream.cc +14 -18
- data/src/core/lib/iomgr/tcp_client_custom.cc +13 -15
- data/src/core/lib/iomgr/tcp_client_posix.cc +31 -37
- data/src/core/lib/iomgr/tcp_client_windows.cc +10 -11
- data/src/core/lib/iomgr/tcp_custom.cc +56 -36
- data/src/core/lib/iomgr/tcp_custom.h +1 -1
- data/src/core/lib/iomgr/tcp_posix.cc +48 -29
- data/src/core/lib/iomgr/tcp_server.cc +3 -4
- data/src/core/lib/iomgr/tcp_server.h +7 -5
- data/src/core/lib/iomgr/tcp_server_custom.cc +39 -45
- data/src/core/lib/iomgr/tcp_server_posix.cc +38 -44
- data/src/core/lib/iomgr/tcp_server_utils_posix.h +3 -4
- data/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +7 -8
- data/src/core/lib/iomgr/tcp_server_utils_posix_ifaddrs.cc +10 -18
- data/src/core/lib/iomgr/tcp_server_windows.cc +16 -16
- data/src/core/lib/iomgr/tcp_uv.cc +5 -4
- data/src/core/lib/iomgr/tcp_windows.cc +26 -10
- data/src/core/lib/iomgr/time_averaged_stats.h +2 -3
- data/src/core/lib/iomgr/timer_custom.cc +5 -5
- data/src/core/lib/iomgr/timer_generic.cc +20 -20
- data/src/core/lib/{gprpp/inlined_vector.h → iomgr/timer_generic.h} +19 -17
- data/src/core/lib/iomgr/timer_heap.h +2 -3
- data/src/core/lib/iomgr/timer_manager.cc +3 -3
- data/src/core/lib/iomgr/udp_server.cc +33 -38
- data/src/core/lib/iomgr/udp_server.h +6 -4
- data/src/core/lib/iomgr/unix_sockets_posix.cc +36 -30
- data/src/core/lib/iomgr/unix_sockets_posix.h +8 -1
- data/src/core/lib/iomgr/unix_sockets_posix_noop.cc +12 -2
- data/src/core/lib/iomgr/wakeup_fd_nospecial.cc +1 -1
- data/src/core/lib/iomgr/wakeup_fd_pipe.cc +2 -2
- data/src/core/lib/json/json.h +15 -4
- data/src/core/lib/json/json_reader.cc +33 -30
- data/src/core/lib/json/json_util.cc +58 -0
- data/src/core/lib/json/json_util.h +204 -0
- data/src/core/lib/json/json_writer.cc +15 -13
- data/src/core/lib/matchers/matchers.cc +339 -0
- data/src/core/lib/matchers/matchers.h +160 -0
- data/src/core/lib/security/context/security_context.cc +4 -3
- data/src/core/lib/security/context/security_context.h +3 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.cc +2 -1
- data/src/core/lib/security/credentials/alts/alts_credentials.h +1 -1
- data/src/core/lib/security/credentials/alts/check_gcp_environment.cc +1 -1
- data/src/core/lib/security/credentials/composite/composite_credentials.cc +12 -0
- data/src/core/lib/security/credentials/composite/composite_credentials.h +6 -3
- data/src/core/lib/security/credentials/credentials.cc +7 -91
- data/src/core/lib/security/credentials/credentials.h +18 -66
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.cc +413 -0
- data/src/core/lib/security/credentials/external/aws_external_account_credentials.h +80 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.cc +213 -0
- data/src/core/lib/security/credentials/external/aws_request_signer.h +72 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.cc +497 -0
- data/src/core/lib/security/credentials/external/external_account_credentials.h +120 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.cc +135 -0
- data/src/core/lib/security/credentials/external/file_external_account_credentials.h +48 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.cc +213 -0
- data/src/core/lib/security/credentials/external/url_external_account_credentials.h +58 -0
- data/src/core/lib/security/credentials/fake/fake_credentials.cc +3 -2
- data/src/core/lib/security/credentials/fake/fake_credentials.h +4 -0
- data/src/core/lib/security/credentials/google_default/credentials_generic.cc +8 -6
- data/src/core/lib/security/credentials/google_default/google_default_credentials.cc +90 -67
- data/src/core/lib/security/credentials/iam/iam_credentials.cc +8 -6
- data/src/core/lib/security/credentials/iam/iam_credentials.h +4 -0
- data/src/core/lib/security/credentials/insecure/insecure_credentials.cc +64 -0
- data/src/core/lib/security/credentials/jwt/json_token.cc +4 -4
- data/src/core/lib/security/credentials/jwt/json_token.h +2 -5
- data/src/core/lib/security/credentials/jwt/jwt_credentials.cc +7 -4
- data/src/core/lib/security/credentials/jwt/jwt_credentials.h +13 -0
- data/src/core/lib/security/credentials/jwt/jwt_verifier.cc +13 -19
- data/src/core/lib/security/credentials/jwt/jwt_verifier.h +2 -3
- data/src/core/lib/security/credentials/local/local_credentials.cc +2 -1
- data/src/core/lib/security/credentials/local/local_credentials.h +1 -1
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +109 -97
- data/src/core/lib/security/credentials/oauth2/oauth2_credentials.h +14 -7
- data/src/core/lib/security/credentials/plugin/plugin_credentials.cc +20 -7
- data/src/core/lib/security/credentials/plugin/plugin_credentials.h +2 -0
- data/src/core/lib/security/credentials/ssl/ssl_credentials.cc +27 -6
- data/src/core/lib/security/credentials/ssl/ssl_credentials.h +12 -2
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.cc +346 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h +213 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.cc +399 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h +138 -0
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.cc +78 -140
- data/src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h +74 -167
- data/src/core/lib/security/credentials/tls/tls_credentials.cc +18 -13
- data/src/core/lib/security/credentials/tls/tls_credentials.h +3 -3
- data/src/core/lib/security/credentials/tls/tls_utils.cc +91 -0
- data/src/core/lib/security/credentials/tls/tls_utils.h +38 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.cc +244 -0
- data/src/core/lib/security/credentials/xds/xds_credentials.h +69 -0
- data/src/core/lib/security/security_connector/alts/alts_security_connector.cc +22 -7
- data/src/core/lib/security/security_connector/fake/fake_security_connector.cc +27 -32
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.cc +121 -0
- data/src/core/lib/security/security_connector/insecure/insecure_security_connector.h +87 -0
- data/src/core/lib/security/security_connector/load_system_roots.h +4 -0
- data/src/core/lib/security/security_connector/load_system_roots_linux.cc +3 -2
- data/src/core/lib/security/security_connector/load_system_roots_linux.h +2 -0
- data/src/core/lib/security/security_connector/local/local_security_connector.cc +4 -4
- data/src/core/lib/security/security_connector/security_connector.cc +6 -3
- data/src/core/lib/security/security_connector/security_connector.h +6 -4
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.cc +42 -40
- data/src/core/lib/security/security_connector/ssl/ssl_security_connector.h +8 -5
- data/src/core/lib/security/security_connector/ssl_utils.cc +100 -27
- data/src/core/lib/security/security_connector/ssl_utils.h +37 -31
- data/src/core/lib/security/security_connector/tls/tls_security_connector.cc +394 -284
- data/src/core/lib/security/security_connector/tls/tls_security_connector.h +108 -42
- data/src/core/lib/security/transport/auth_filters.h +0 -5
- data/src/core/lib/security/transport/client_auth_filter.cc +11 -11
- data/src/core/lib/security/transport/secure_endpoint.cc +9 -3
- data/src/core/lib/security/transport/security_handshaker.cc +36 -8
- data/src/core/lib/security/transport/server_auth_filter.cc +2 -1
- data/src/core/lib/security/util/json_util.cc +12 -13
- data/src/core/lib/security/util/json_util.h +1 -0
- data/src/core/lib/slice/slice.cc +45 -5
- data/src/core/lib/slice/slice_buffer.cc +2 -1
- data/src/core/lib/slice/slice_intern.cc +13 -16
- data/src/core/lib/slice/slice_internal.h +17 -2
- data/src/core/lib/slice/slice_utils.h +9 -0
- data/src/core/lib/surface/byte_buffer_reader.cc +2 -47
- data/src/core/lib/surface/call.cc +95 -88
- data/src/core/lib/surface/call.h +2 -1
- data/src/core/lib/surface/call_details.cc +8 -8
- data/src/core/lib/surface/call_log_batch.cc +50 -58
- data/src/core/lib/surface/channel.cc +86 -72
- data/src/core/lib/surface/channel.h +54 -7
- data/src/core/lib/surface/channel_init.cc +1 -1
- data/src/core/lib/surface/channel_ping.cc +2 -3
- data/src/core/lib/surface/completion_queue.cc +64 -63
- data/src/core/lib/surface/completion_queue.h +16 -16
- data/src/core/lib/surface/event_string.cc +18 -25
- data/src/core/lib/surface/event_string.h +3 -1
- data/src/core/lib/surface/init.cc +45 -29
- data/src/core/lib/surface/init_secure.cc +1 -4
- data/src/core/lib/surface/lame_client.cc +47 -54
- data/src/core/lib/surface/lame_client.h +5 -0
- data/src/core/lib/surface/server.cc +1309 -1300
- data/src/core/lib/surface/server.h +469 -45
- data/src/core/lib/surface/validate_metadata.h +3 -0
- data/src/core/lib/surface/version.cc +2 -2
- data/src/core/lib/transport/authority_override.cc +40 -0
- data/src/core/lib/transport/authority_override.h +37 -0
- data/src/core/lib/transport/bdp_estimator.cc +1 -1
- data/src/core/lib/transport/bdp_estimator.h +2 -1
- data/src/core/lib/transport/byte_stream.h +10 -5
- data/src/core/lib/transport/connectivity_state.cc +23 -17
- data/src/core/lib/transport/connectivity_state.h +31 -15
- data/src/core/lib/transport/error_utils.cc +13 -0
- data/src/core/lib/transport/error_utils.h +7 -1
- data/src/core/lib/transport/metadata.cc +19 -5
- data/src/core/lib/transport/metadata.h +2 -2
- data/src/core/lib/transport/metadata_batch.cc +27 -0
- data/src/core/lib/transport/metadata_batch.h +20 -7
- data/src/core/lib/transport/static_metadata.cc +296 -277
- data/src/core/lib/transport/static_metadata.h +81 -74
- data/src/core/lib/transport/status_conversion.cc +6 -14
- data/src/core/lib/transport/status_metadata.cc +4 -3
- data/src/core/lib/transport/timeout_encoding.cc +4 -4
- data/src/core/lib/transport/transport.cc +7 -6
- data/src/core/lib/transport/transport.h +24 -10
- data/src/core/lib/transport/transport_op_string.cc +61 -102
- data/src/core/lib/uri/uri_parser.cc +135 -258
- data/src/core/lib/uri/uri_parser.h +60 -23
- data/src/core/plugin_registry/grpc_plugin_registry.cc +65 -12
- data/src/core/tsi/alts/crypt/aes_gcm.cc +0 -2
- data/src/core/tsi/alts/crypt/gsec.cc +5 -4
- data/src/core/tsi/alts/frame_protector/frame_handler.cc +8 -6
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.cc +49 -38
- data/src/core/tsi/alts/handshaker/alts_handshaker_client.h +8 -4
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.cc +98 -48
- data/src/core/tsi/alts/handshaker/alts_tsi_handshaker.h +9 -1
- data/src/core/tsi/alts/handshaker/transport_security_common_api.cc +3 -3
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_grpc_record_protocol_common.h +2 -3
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_iovec_record_protocol.cc +8 -6
- data/src/core/tsi/alts/zero_copy_frame_protector/alts_zero_copy_grpc_protector.cc +4 -4
- data/src/core/tsi/fake_transport_security.cc +27 -20
- data/src/core/tsi/local_transport_security.cc +5 -1
- data/src/core/tsi/local_transport_security.h +6 -7
- data/src/core/tsi/ssl/session_cache/ssl_session.h +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_boringssl.cc +1 -1
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.cc +0 -2
- data/src/core/tsi/ssl/session_cache/ssl_session_cache.h +3 -4
- data/src/core/tsi/ssl_transport_security.cc +226 -105
- data/src/core/tsi/ssl_transport_security.h +28 -16
- data/src/core/tsi/ssl_types.h +0 -2
- data/src/core/tsi/transport_security.cc +10 -8
- data/src/core/tsi/transport_security.h +6 -9
- data/src/core/tsi/transport_security_grpc.h +2 -3
- data/src/core/tsi/transport_security_interface.h +9 -4
- data/src/ruby/bin/math_services_pb.rb +4 -4
- data/src/ruby/ext/grpc/extconf.rb +15 -4
- data/src/ruby/ext/grpc/rb_call.c +12 -3
- data/src/ruby/ext/grpc/rb_call.h +4 -0
- data/src/ruby/ext/grpc/rb_call_credentials.c +57 -12
- data/src/ruby/ext/grpc/rb_channel.c +10 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.c +20 -1
- data/src/ruby/ext/grpc/rb_channel_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_compression_options.c +1 -1
- data/src/ruby/ext/grpc/rb_enable_cpp.cc +1 -1
- data/src/ruby/ext/grpc/rb_event_thread.c +2 -0
- data/src/ruby/ext/grpc/rb_grpc.c +4 -0
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.c +44 -18
- data/src/ruby/ext/grpc/rb_grpc_imports.generated.h +83 -44
- data/src/ruby/ext/grpc/rb_server.c +13 -1
- data/src/ruby/ext/grpc/rb_server_credentials.c +19 -3
- data/src/ruby/ext/grpc/rb_server_credentials.h +4 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.c +215 -0
- data/src/ruby/ext/grpc/rb_xds_channel_credentials.h +35 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.c +169 -0
- data/src/ruby/ext/grpc/rb_xds_server_credentials.h +35 -0
- data/src/ruby/lib/grpc/errors.rb +103 -42
- data/src/ruby/lib/grpc/generic/active_call.rb +2 -3
- data/src/ruby/lib/grpc/generic/client_stub.rb +5 -3
- data/src/ruby/lib/grpc/generic/interceptors.rb +5 -5
- data/src/ruby/lib/grpc/generic/rpc_server.rb +9 -10
- data/src/ruby/lib/grpc/generic/service.rb +5 -4
- data/src/ruby/lib/grpc/structs.rb +1 -1
- data/src/ruby/lib/grpc/version.rb +1 -1
- data/src/ruby/pb/generate_proto_ruby.sh +5 -3
- data/src/ruby/pb/grpc/health/v1/health_services_pb.rb +2 -2
- data/src/ruby/pb/src/proto/grpc/testing/messages_pb.rb +51 -0
- data/src/ruby/pb/src/proto/grpc/testing/test_services_pb.rb +61 -11
- data/src/ruby/spec/call_spec.rb +1 -1
- data/src/ruby/spec/channel_credentials_spec.rb +42 -0
- data/src/ruby/spec/channel_spec.rb +17 -6
- data/src/ruby/spec/client_auth_spec.rb +27 -1
- data/src/ruby/spec/debug_message_spec.rb +134 -0
- data/src/ruby/spec/errors_spec.rb +1 -1
- data/src/ruby/spec/generic/active_call_spec.rb +21 -10
- data/src/ruby/spec/generic/client_stub_spec.rb +4 -4
- data/src/ruby/spec/generic/rpc_server_spec.rb +1 -1
- data/src/ruby/spec/generic/service_spec.rb +2 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_import2.proto +23 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/package_options_ruby_style.proto +7 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/same_package_service_name.proto +27 -0
- data/src/ruby/spec/pb/codegen/grpc/testing/same_ruby_package_service_name.proto +29 -0
- data/src/ruby/spec/pb/codegen/package_option_spec.rb +29 -7
- data/src/ruby/spec/server_credentials_spec.rb +25 -0
- data/src/ruby/spec/server_spec.rb +22 -0
- data/src/ruby/spec/support/services.rb +10 -4
- data/src/ruby/spec/testdata/ca.pem +18 -13
- data/src/ruby/spec/testdata/client.key +26 -14
- data/src/ruby/spec/testdata/client.pem +18 -12
- data/src/ruby/spec/testdata/server1.key +26 -14
- data/src/ruby/spec/testdata/server1.pem +20 -14
- data/src/ruby/spec/user_agent_spec.rb +74 -0
- data/third_party/abseil-cpp/absl/algorithm/container.h +1764 -0
- data/third_party/abseil-cpp/absl/base/attributes.h +99 -38
- data/third_party/abseil-cpp/absl/base/call_once.h +1 -1
- data/third_party/abseil-cpp/absl/base/casts.h +9 -6
- data/third_party/abseil-cpp/absl/base/config.h +60 -17
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.h +428 -335
- data/third_party/abseil-cpp/absl/base/internal/bits.h +17 -16
- data/third_party/abseil-cpp/absl/base/internal/direct_mmap.h +166 -0
- data/third_party/abseil-cpp/absl/base/internal/dynamic_annotations.h +398 -0
- data/third_party/abseil-cpp/absl/base/internal/exponential_biased.cc +93 -0
- data/third_party/abseil-cpp/absl/base/internal/exponential_biased.h +130 -0
- data/third_party/abseil-cpp/absl/base/internal/invoke.h +4 -4
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc +620 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_alloc.h +126 -0
- data/third_party/abseil-cpp/absl/base/internal/low_level_scheduling.h +29 -1
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.cc +2 -2
- data/third_party/abseil-cpp/absl/base/internal/raw_logging.h +7 -5
- data/third_party/abseil-cpp/absl/base/internal/spinlock.cc +25 -38
- data/third_party/abseil-cpp/absl/base/internal/spinlock.h +19 -25
- data/third_party/abseil-cpp/absl/base/internal/spinlock_linux.inc +8 -0
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.cc +28 -5
- data/third_party/abseil-cpp/absl/base/internal/sysinfo.h +8 -0
- data/third_party/abseil-cpp/absl/base/internal/tsan_mutex_interface.h +3 -1
- data/third_party/abseil-cpp/absl/base/internal/unaligned_access.h +2 -2
- data/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.h +3 -3
- data/third_party/abseil-cpp/absl/base/macros.h +36 -109
- data/third_party/abseil-cpp/absl/base/optimization.h +61 -1
- data/third_party/abseil-cpp/absl/base/options.h +31 -4
- data/third_party/abseil-cpp/absl/base/policy_checks.h +1 -1
- data/third_party/abseil-cpp/absl/base/thread_annotations.h +94 -39
- data/third_party/abseil-cpp/absl/container/fixed_array.h +532 -0
- data/third_party/abseil-cpp/absl/container/flat_hash_map.h +606 -0
- data/third_party/abseil-cpp/absl/container/inlined_vector.h +33 -36
- data/third_party/abseil-cpp/absl/container/internal/common.h +206 -0
- data/third_party/abseil-cpp/absl/container/internal/compressed_tuple.h +33 -8
- data/third_party/abseil-cpp/absl/container/internal/container_memory.h +460 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h +161 -0
- data/third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h +208 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtable_debug_hooks.h +85 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc +270 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h +321 -0
- data/third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc +30 -0
- data/third_party/abseil-cpp/absl/container/internal/have_sse.h +50 -0
- data/third_party/abseil-cpp/absl/container/internal/layout.h +743 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_map.h +197 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc +48 -0
- data/third_party/abseil-cpp/absl/container/internal/raw_hash_set.h +1903 -0
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc +139 -0
- data/third_party/abseil-cpp/absl/debugging/internal/address_is_readable.h +32 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.cc +1945 -0
- data/third_party/abseil-cpp/absl/debugging/internal/demangle.h +71 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc +382 -0
- data/third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.h +134 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_aarch64-inl.inc +196 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_arm-inl.inc +134 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_config.h +89 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_generic-inl.inc +108 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_powerpc-inl.inc +248 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_unimplemented-inl.inc +24 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_win32-inl.inc +93 -0
- data/third_party/abseil-cpp/absl/debugging/internal/stacktrace_x86-inl.inc +346 -0
- data/third_party/abseil-cpp/absl/debugging/internal/symbolize.h +149 -0
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc +173 -0
- data/third_party/abseil-cpp/absl/debugging/internal/vdso_support.h +158 -0
- data/third_party/abseil-cpp/absl/debugging/stacktrace.cc +140 -0
- data/third_party/abseil-cpp/absl/debugging/stacktrace.h +231 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.cc +36 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize.h +99 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_darwin.inc +101 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_elf.inc +1560 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_unimplemented.inc +40 -0
- data/third_party/abseil-cpp/absl/debugging/symbolize_win32.inc +81 -0
- data/third_party/abseil-cpp/absl/functional/bind_front.h +184 -0
- data/third_party/abseil-cpp/absl/functional/function_ref.h +139 -0
- data/third_party/abseil-cpp/absl/functional/internal/front_binder.h +95 -0
- data/third_party/abseil-cpp/absl/functional/internal/function_ref.h +106 -0
- data/third_party/abseil-cpp/absl/hash/hash.h +325 -0
- data/third_party/abseil-cpp/absl/hash/internal/city.cc +346 -0
- data/third_party/abseil-cpp/absl/hash/internal/city.h +96 -0
- data/third_party/abseil-cpp/absl/hash/internal/hash.cc +55 -0
- data/third_party/abseil-cpp/absl/hash/internal/hash.h +996 -0
- data/third_party/abseil-cpp/absl/memory/memory.h +4 -0
- data/third_party/abseil-cpp/absl/meta/type_traits.h +2 -8
- data/third_party/abseil-cpp/absl/numeric/int128.cc +13 -27
- data/third_party/abseil-cpp/absl/numeric/int128.h +16 -15
- data/third_party/abseil-cpp/absl/status/internal/status_internal.h +51 -0
- data/third_party/abseil-cpp/absl/status/internal/statusor_internal.h +399 -0
- data/third_party/abseil-cpp/absl/status/status.cc +445 -0
- data/third_party/abseil-cpp/absl/status/status.h +817 -0
- data/third_party/abseil-cpp/absl/status/status_payload_printer.cc +38 -0
- data/third_party/abseil-cpp/absl/status/status_payload_printer.h +51 -0
- data/third_party/abseil-cpp/absl/status/statusor.cc +71 -0
- data/third_party/abseil-cpp/absl/status/statusor.h +760 -0
- data/third_party/abseil-cpp/absl/strings/charconv.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/cord.cc +1998 -0
- data/third_party/abseil-cpp/absl/strings/cord.h +1276 -0
- data/third_party/abseil-cpp/absl/strings/escaping.cc +9 -9
- data/third_party/abseil-cpp/absl/strings/internal/char_map.h +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/charconv_bigint.h +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/charconv_parse.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/internal/cord_internal.h +173 -0
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.cc +222 -136
- data/third_party/abseil-cpp/absl/strings/internal/str_format/arg.h +136 -64
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.cc +1 -1
- data/third_party/abseil-cpp/absl/strings/internal/str_format/bind.h +14 -21
- data/third_party/abseil-cpp/absl/strings/internal/str_format/checker.h +7 -14
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.cc +31 -7
- data/third_party/abseil-cpp/absl/strings/internal/str_format/extension.h +147 -135
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.cc +999 -87
- data/third_party/abseil-cpp/absl/strings/internal/str_format/float_conversion.h +3 -3
- data/third_party/abseil-cpp/absl/strings/internal/str_format/output.h +4 -12
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.cc +8 -6
- data/third_party/abseil-cpp/absl/strings/internal/str_format/parser.h +13 -11
- data/third_party/abseil-cpp/absl/strings/internal/str_split_internal.h +2 -2
- data/third_party/abseil-cpp/absl/strings/str_cat.cc +4 -4
- data/third_party/abseil-cpp/absl/strings/str_cat.h +1 -1
- data/third_party/abseil-cpp/absl/strings/str_format.h +289 -13
- data/third_party/abseil-cpp/absl/strings/str_split.cc +2 -2
- data/third_party/abseil-cpp/absl/strings/str_split.h +1 -0
- data/third_party/abseil-cpp/absl/strings/string_view.h +26 -19
- data/third_party/abseil-cpp/absl/strings/substitute.cc +5 -5
- data/third_party/abseil-cpp/absl/strings/substitute.h +32 -29
- data/third_party/abseil-cpp/absl/synchronization/barrier.cc +52 -0
- data/third_party/abseil-cpp/absl/synchronization/barrier.h +79 -0
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.cc +57 -0
- data/third_party/abseil-cpp/absl/synchronization/blocking_counter.h +99 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.cc +140 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/create_thread_identity.h +60 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.cc +698 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/graphcycles.h +141 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/kernel_timeout.h +155 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/mutex_nonprod.inc +249 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.cc +106 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/per_thread_sem.h +115 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.cc +492 -0
- data/third_party/abseil-cpp/absl/synchronization/internal/waiter.h +159 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.cc +2739 -0
- data/third_party/abseil-cpp/absl/synchronization/mutex.h +1065 -0
- data/third_party/abseil-cpp/absl/synchronization/notification.cc +78 -0
- data/third_party/abseil-cpp/absl/synchronization/notification.h +123 -0
- data/third_party/abseil-cpp/absl/time/civil_time.cc +175 -0
- data/third_party/abseil-cpp/absl/time/civil_time.h +538 -0
- data/third_party/abseil-cpp/absl/time/clock.cc +569 -0
- data/third_party/abseil-cpp/absl/time/clock.h +74 -0
- data/third_party/abseil-cpp/absl/time/duration.cc +953 -0
- data/third_party/abseil-cpp/absl/time/format.cc +160 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time.h +332 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/civil_time_detail.h +632 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/time_zone.h +386 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/include/cctz/zone_info_source.h +102 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/civil_time_detail.cc +94 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.cc +140 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_fixed.h +52 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_format.cc +1029 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.cc +45 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_if.h +76 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.cc +113 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_impl.h +93 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.cc +965 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_info.h +137 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.cc +309 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_libc.h +55 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_lookup.cc +187 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.cc +159 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/time_zone_posix.h +132 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/tzfile.h +122 -0
- data/third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc +116 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_chrono.inc +31 -0
- data/third_party/abseil-cpp/absl/time/internal/get_current_time_posix.inc +24 -0
- data/third_party/abseil-cpp/absl/time/time.cc +499 -0
- data/third_party/abseil-cpp/absl/time/time.h +1583 -0
- data/third_party/abseil-cpp/absl/types/bad_variant_access.cc +64 -0
- data/third_party/abseil-cpp/absl/types/bad_variant_access.h +82 -0
- data/third_party/abseil-cpp/absl/types/internal/variant.h +1646 -0
- data/third_party/abseil-cpp/absl/types/optional.h +9 -9
- data/third_party/abseil-cpp/absl/types/span.h +49 -36
- data/third_party/abseil-cpp/absl/types/variant.h +861 -0
- data/third_party/abseil-cpp/absl/utility/utility.h +2 -2
- data/third_party/address_sorting/include/address_sorting/address_sorting.h +2 -0
- data/third_party/boringssl-with-bazel/err_data.c +759 -707
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_bitstr.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_enum.c +5 -5
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_int.c +6 -6
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_object.c +6 -13
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_octet.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_time.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_type.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/asn1/a_utctm.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_lib.c +15 -20
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn1_locl.h +30 -0
- data/third_party/boringssl-with-bazel/src/crypto/asn1/asn_pack.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_enum.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_int.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/f_string.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_dec.c +28 -79
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_enc.c +39 -85
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_fre.c +5 -16
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_new.c +10 -61
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_typ.c +0 -2
- data/third_party/boringssl-with-bazel/src/crypto/asn1/tasn_utl.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/bio/bio.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/bio/socket_helper.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/blake2/blake2.c +158 -0
- data/third_party/boringssl-with-bazel/src/crypto/bn_extra/bn_asn1.c +3 -10
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/ber.c +8 -9
- data/third_party/boringssl-with-bazel/src/crypto/bytestring/cbs.c +60 -45
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/derive_key.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/e_chacha20poly1305.c +6 -81
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/internal.h +87 -0
- data/third_party/boringssl-with-bazel/src/crypto/cipher_extra/tls_cbc.c +1 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-aarch64-win.c +41 -0
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm-linux.c +18 -7
- data/third_party/boringssl-with-bazel/src/crypto/cpu-arm.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/cpu-intel.c +13 -4
- data/third_party/boringssl-with-bazel/src/crypto/crypto.c +11 -0
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519.c +18 -26
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/curve25519_tables.h +13 -21
- data/third_party/boringssl-with-bazel/src/{third_party/fiat → crypto/curve25519}/internal.h +14 -22
- data/third_party/boringssl-with-bazel/src/crypto/curve25519/spake25519.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/dh_asn1.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → dh_extra}/params.c +179 -0
- data/third_party/boringssl-with-bazel/src/crypto/digest_extra/digest_extra.c +25 -0
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa.c +19 -43
- data/third_party/boringssl-with-bazel/src/crypto/dsa/dsa_asn1.c +55 -4
- data/third_party/boringssl-with-bazel/src/crypto/dsa/internal.h +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/ec_asn1.c +2 -17
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/hash_to_curve.c +385 -0
- data/third_party/boringssl-with-bazel/src/crypto/ec_extra/internal.h +56 -0
- data/third_party/boringssl-with-bazel/src/crypto/ecdh_extra/ecdh_extra.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/err/err.c +33 -32
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/evp_asn1.c +159 -0
- data/third_party/boringssl-with-bazel/src/crypto/evp/p_dsa_asn1.c +6 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/aes_nohw.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/aes/mode_wrappers.c +17 -1
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bcm.c +5 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/bn.c +13 -20
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/div.c +2 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/exponentiation.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/internal.h +34 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/montgomery.c +8 -8
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/bn/mul.c +30 -154
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/cipher.c +21 -13
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/cipher/e_aes.c +173 -35
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/check.c +0 -0
- data/third_party/boringssl-with-bazel/src/crypto/{dh → fipsmodule/dh}/dh.c +149 -211
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digest.c +2 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/digest/digests.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec.c +301 -117
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_key.c +22 -28
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/ec_montgomery.c +96 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/felem.c +25 -7
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/internal.h +434 -161
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/oct.c +63 -71
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p224-64.c +18 -25
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64-table.h +9481 -9485
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256-x86_64.c +104 -122
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256.c +740 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/p256_table.h +297 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/scalar.c +90 -11
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple.c +125 -148
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/simple_mul.c +189 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/util.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ec/wnaf.c +61 -18
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdh/ecdh.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/ecdsa/ecdsa.c +20 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.c +137 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/fork_detect.h +49 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/getrandom_fillin.h +64 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/internal.h +69 -5
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/rand.c +162 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rand/urandom.c +24 -121
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/blinding.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/internal.h +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa.c +73 -40
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/rsa/rsa_impl.c +122 -55
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/self_check/self_check.c +217 -2
- data/third_party/boringssl-with-bazel/src/crypto/fipsmodule/sha/sha512.c +44 -35
- data/third_party/boringssl-with-bazel/src/crypto/hpke/hpke.c +532 -0
- data/third_party/boringssl-with-bazel/src/crypto/hpke/internal.h +246 -0
- data/third_party/boringssl-with-bazel/src/crypto/mem.c +47 -16
- data/third_party/boringssl-with-bazel/src/crypto/obj/obj_dat.h +15 -1
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/internal.h +7 -0
- data/third_party/boringssl-with-bazel/src/crypto/pkcs8/pkcs8_x509.c +36 -5
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305.c +10 -7
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_arm.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/poly1305/poly1305_vec.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/deterministic.c +6 -10
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/passive.c +34 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/rand_extra.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/rand_extra/windows.c +16 -0
- data/third_party/boringssl-with-bazel/src/crypto/stack/stack.c +7 -13
- data/third_party/boringssl-with-bazel/src/crypto/thread_pthread.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/thread_win.c +4 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/internal.h +318 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/pmbtoken.c +1399 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/trust_token.c +858 -0
- data/third_party/boringssl-with-bazel/src/crypto/trust_token/voprf.c +766 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/a_strex.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509/algorithm.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/asn1_gen.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/rsa_pss.c +5 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_crl.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509/t_x509.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509.c +0 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_cmp.c +21 -37
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_ext.c +27 -21
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_obj.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_r2x.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_req.c +10 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_set.c +89 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_trs.c +7 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_txt.c +67 -67
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_v3.c +4 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509_vfy.c +62 -44
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509cset.c +67 -25
- data/third_party/boringssl-with-bazel/src/crypto/x509/x509name.c +13 -11
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_all.c +10 -10
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_attrib.c +22 -17
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_crl.c +38 -17
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_name.c +28 -40
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pkey.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_pubkey.c +0 -154
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_sig.c +20 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509.c +68 -9
- data/third_party/boringssl-with-bazel/src/crypto/x509/x_x509a.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/ext_dat.h +1 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/internal.h +5 -0
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/pcy_data.c +5 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_akey.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_alt.c +25 -24
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_bitst.c +3 -3
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_conf.c +32 -28
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_cpols.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_enum.c +2 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_genn.c +42 -22
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_ia5.c +3 -4
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_info.c +1 -1
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_lib.c +25 -36
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_prn.c +2 -2
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_purp.c +126 -40
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_skey.c +7 -7
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_utl.c +6 -6
- data/third_party/boringssl-with-bazel/src/include/openssl/aead.h +24 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/aes.h +16 -4
- data/third_party/boringssl-with-bazel/src/include/openssl/arm_arch.h +54 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1.h +662 -556
- data/third_party/boringssl-with-bazel/src/include/openssl/asn1t.h +0 -167
- data/third_party/boringssl-with-bazel/src/include/openssl/base.h +19 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/bio.h +4 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/blake2.h +62 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/bytestring.h +22 -7
- data/third_party/boringssl-with-bazel/src/include/openssl/cipher.h +25 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/cpu.h +22 -32
- data/third_party/boringssl-with-bazel/src/include/openssl/crypto.h +10 -5
- data/third_party/boringssl-with-bazel/src/include/openssl/des.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dh.h +82 -20
- data/third_party/boringssl-with-bazel/src/include/openssl/digest.h +11 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/dsa.h +16 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ec.h +15 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/ecdsa.h +6 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/err.h +2 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/evp.h +85 -3
- data/third_party/boringssl-with-bazel/src/include/openssl/nid.h +5 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/opensslconf.h +3 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/pem.h +202 -134
- data/third_party/boringssl-with-bazel/src/include/openssl/rand.h +6 -17
- data/third_party/boringssl-with-bazel/src/include/openssl/rsa.h +31 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/sha.h +26 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/span.h +2 -1
- data/third_party/boringssl-with-bazel/src/include/openssl/ssl.h +359 -120
- data/third_party/boringssl-with-bazel/src/include/openssl/tls1.h +33 -10
- data/third_party/boringssl-with-bazel/src/include/openssl/trust_token.h +310 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509.h +1140 -755
- data/third_party/boringssl-with-bazel/src/include/openssl/x509_vfy.h +1 -0
- data/third_party/boringssl-with-bazel/src/include/openssl/x509v3.h +593 -440
- data/third_party/boringssl-with-bazel/src/ssl/bio_ssl.cc +18 -5
- data/third_party/boringssl-with-bazel/src/ssl/d1_both.cc +0 -4
- data/third_party/boringssl-with-bazel/src/ssl/d1_lib.cc +3 -3
- data/third_party/boringssl-with-bazel/src/ssl/dtls_method.cc +13 -4
- data/third_party/boringssl-with-bazel/src/ssl/handoff.cc +181 -57
- data/third_party/boringssl-with-bazel/src/ssl/handshake.cc +45 -26
- data/third_party/boringssl-with-bazel/src/ssl/handshake_client.cc +43 -45
- data/third_party/boringssl-with-bazel/src/ssl/handshake_server.cc +32 -10
- data/third_party/boringssl-with-bazel/src/ssl/internal.h +160 -80
- data/third_party/boringssl-with-bazel/src/ssl/s3_both.cc +10 -10
- data/third_party/boringssl-with-bazel/src/ssl/s3_lib.cc +2 -3
- data/third_party/boringssl-with-bazel/src/ssl/s3_pkt.cc +21 -21
- data/third_party/boringssl-with-bazel/src/ssl/ssl_asn1.cc +77 -8
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cert.cc +7 -6
- data/third_party/boringssl-with-bazel/src/ssl/ssl_cipher.cc +8 -9
- data/third_party/boringssl-with-bazel/src/ssl/ssl_lib.cc +131 -15
- data/third_party/boringssl-with-bazel/src/ssl/ssl_privkey.cc +13 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_session.cc +50 -15
- data/third_party/boringssl-with-bazel/src/ssl/ssl_stat.cc +6 -0
- data/third_party/boringssl-with-bazel/src/ssl/ssl_transcript.cc +2 -2
- data/third_party/boringssl-with-bazel/src/ssl/ssl_versions.cc +5 -5
- data/third_party/boringssl-with-bazel/src/ssl/t1_enc.cc +53 -30
- data/third_party/boringssl-with-bazel/src/ssl/t1_lib.cc +636 -100
- data/third_party/boringssl-with-bazel/src/ssl/tls13_both.cc +2 -3
- data/third_party/boringssl-with-bazel/src/ssl/tls13_client.cc +187 -68
- data/third_party/boringssl-with-bazel/src/ssl/tls13_enc.cc +71 -90
- data/third_party/boringssl-with-bazel/src/ssl/tls13_server.cc +247 -73
- data/third_party/boringssl-with-bazel/src/ssl/tls_method.cc +63 -25
- data/third_party/boringssl-with-bazel/src/ssl/tls_record.cc +5 -3
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_32.h +245 -175
- data/third_party/boringssl-with-bazel/src/third_party/fiat/curve25519_64.h +135 -75
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_32.h +1593 -1672
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256_64.h +512 -503
- data/third_party/re2/re2/bitmap256.h +117 -0
- data/third_party/re2/re2/bitstate.cc +385 -0
- data/third_party/re2/re2/compile.cc +1279 -0
- data/third_party/re2/re2/dfa.cc +2130 -0
- data/third_party/re2/re2/filtered_re2.cc +121 -0
- data/third_party/re2/re2/filtered_re2.h +109 -0
- data/third_party/re2/re2/mimics_pcre.cc +197 -0
- data/third_party/re2/re2/nfa.cc +713 -0
- data/third_party/re2/re2/onepass.cc +623 -0
- data/third_party/re2/re2/parse.cc +2464 -0
- data/third_party/re2/re2/perl_groups.cc +119 -0
- data/third_party/re2/re2/pod_array.h +55 -0
- data/third_party/re2/re2/prefilter.cc +710 -0
- data/third_party/re2/re2/prefilter.h +108 -0
- data/third_party/re2/re2/prefilter_tree.cc +407 -0
- data/third_party/re2/re2/prefilter_tree.h +139 -0
- data/third_party/re2/re2/prog.cc +988 -0
- data/third_party/re2/re2/prog.h +436 -0
- data/third_party/re2/re2/re2.cc +1362 -0
- data/third_party/re2/re2/re2.h +1002 -0
- data/third_party/re2/re2/regexp.cc +980 -0
- data/third_party/re2/re2/regexp.h +659 -0
- data/third_party/re2/re2/set.cc +154 -0
- data/third_party/re2/re2/set.h +80 -0
- data/third_party/re2/re2/simplify.cc +657 -0
- data/third_party/re2/re2/sparse_array.h +392 -0
- data/third_party/re2/re2/sparse_set.h +264 -0
- data/third_party/re2/re2/stringpiece.cc +65 -0
- data/third_party/re2/re2/stringpiece.h +210 -0
- data/third_party/re2/re2/tostring.cc +351 -0
- data/third_party/re2/re2/unicode_casefold.cc +582 -0
- data/third_party/re2/re2/unicode_casefold.h +78 -0
- data/third_party/re2/re2/unicode_groups.cc +6269 -0
- data/third_party/re2/re2/unicode_groups.h +67 -0
- data/third_party/re2/re2/walker-inl.h +246 -0
- data/third_party/re2/util/benchmark.h +156 -0
- data/third_party/re2/util/flags.h +26 -0
- data/third_party/re2/util/logging.h +109 -0
- data/third_party/re2/util/malloc_counter.h +19 -0
- data/third_party/re2/util/mix.h +41 -0
- data/third_party/re2/util/mutex.h +148 -0
- data/third_party/re2/util/pcre.cc +1025 -0
- data/third_party/re2/util/pcre.h +681 -0
- data/third_party/re2/util/rune.cc +260 -0
- data/third_party/re2/util/strutil.cc +149 -0
- data/third_party/re2/util/strutil.h +21 -0
- data/third_party/re2/util/test.h +50 -0
- data/third_party/re2/util/utf.h +44 -0
- data/third_party/re2/util/util.h +42 -0
- data/third_party/upb/third_party/wyhash/wyhash.h +145 -0
- data/third_party/upb/upb/decode.c +604 -511
- data/third_party/upb/upb/decode.h +20 -1
- data/third_party/upb/upb/decode.int.h +163 -0
- data/third_party/upb/upb/decode_fast.c +1040 -0
- data/third_party/upb/upb/decode_fast.h +126 -0
- data/third_party/upb/upb/def.c +2178 -0
- data/third_party/upb/upb/def.h +315 -0
- data/third_party/upb/upb/def.hpp +439 -0
- data/third_party/upb/upb/encode.c +311 -211
- data/third_party/upb/upb/encode.h +27 -2
- data/third_party/upb/upb/msg.c +215 -70
- data/third_party/upb/upb/msg.h +558 -14
- data/third_party/upb/upb/port_def.inc +105 -63
- data/third_party/upb/upb/port_undef.inc +10 -7
- data/third_party/upb/upb/reflection.c +408 -0
- data/third_party/upb/upb/reflection.h +168 -0
- data/third_party/upb/upb/table.c +73 -269
- data/third_party/upb/upb/table.int.h +25 -57
- data/third_party/upb/upb/text_encode.c +421 -0
- data/third_party/upb/upb/text_encode.h +38 -0
- data/third_party/upb/upb/upb.c +138 -135
- data/third_party/upb/upb/upb.h +119 -146
- data/third_party/upb/upb/upb.hpp +88 -0
- data/third_party/upb/upb/upb.int.h +29 -0
- data/third_party/xxhash/xxhash.h +5443 -0
- metadata +686 -160
- data/src/core/ext/filters/client_channel/lb_policy/xds/xds.cc +0 -1754
- data/src/core/ext/filters/client_channel/parse_address.cc +0 -237
- data/src/core/ext/filters/client_channel/parse_address.h +0 -53
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_ev_driver.cc +0 -484
- data/src/core/ext/filters/client_channel/resolver/dns/c_ares/grpc_ares_wrapper_fallback.cc +0 -65
- data/src/core/ext/filters/client_channel/resolving_lb_policy.cc +0 -359
- data/src/core/ext/filters/client_channel/resolving_lb_policy.h +0 -122
- data/src/core/ext/filters/client_channel/xds/xds_api.cc +0 -1779
- data/src/core/ext/filters/client_channel/xds/xds_api.h +0 -280
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.cc +0 -347
- data/src/core/ext/filters/client_channel/xds/xds_bootstrap.h +0 -87
- data/src/core/ext/filters/client_channel/xds/xds_channel.h +0 -46
- data/src/core/ext/filters/client_channel/xds/xds_channel_secure.cc +0 -104
- data/src/core/ext/filters/client_channel/xds/xds_client.h +0 -274
- data/src/core/ext/filters/client_channel/xds/xds_client_stats.cc +0 -116
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.c +0 -246
- data/src/core/ext/upb-generated/envoy/api/v2/auth/cert.upb.h +0 -905
- data/src/core/ext/upb-generated/envoy/api/v2/cds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.c +0 -390
- data/src/core/ext/upb-generated/envoy/api/v2/cluster.upb.h +0 -1411
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.c +0 -73
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/circuit_breaker.upb.h +0 -218
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.c +0 -34
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/filter.upb.h +0 -69
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.c +0 -54
- data/src/core/ext/upb-generated/envoy/api/v2/cluster/outlier_detection.upb.h +0 -305
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.c +0 -111
- data/src/core/ext/upb-generated/envoy/api/v2/core/address.upb.h +0 -328
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.c +0 -292
- data/src/core/ext/upb-generated/envoy/api/v2/core/base.upb.h +0 -847
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.c +0 -95
- data/src/core/ext/upb-generated/envoy/api/v2/core/config_source.upb.h +0 -322
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.c +0 -196
- data/src/core/ext/upb-generated/envoy/api/v2/core/grpc_service.upb.h +0 -642
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.c +0 -168
- data/src/core/ext/upb-generated/envoy/api/v2/core/health_check.upb.h +0 -658
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.c +0 -35
- data/src/core/ext/upb-generated/envoy/api/v2/core/http_uri.upb.h +0 -80
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.c +0 -132
- data/src/core/ext/upb-generated/envoy/api/v2/core/protocol.upb.h +0 -436
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.c +0 -128
- data/src/core/ext/upb-generated/envoy/api/v2/discovery.upb.h +0 -392
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.c +0 -30
- data/src/core/ext/upb-generated/envoy/api/v2/eds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.c +0 -91
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint.upb.h +0 -240
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.c +0 -17
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.c +0 -88
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/endpoint_components.upb.h +0 -258
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.c +0 -111
- data/src/core/ext/upb-generated/envoy/api/v2/endpoint/load_report.upb.h +0 -324
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.c +0 -30
- data/src/core/ext/upb-generated/envoy/api/v2/lds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.c +0 -104
- data/src/core/ext/upb-generated/envoy/api/v2/listener.upb.h +0 -383
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.c +0 -17
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.c +0 -144
- data/src/core/ext/upb-generated/envoy/api/v2/listener/listener_components.upb.h +0 -527
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.c +0 -42
- data/src/core/ext/upb-generated/envoy/api/v2/listener/udp_listener_config.upb.h +0 -112
- data/src/core/ext/upb-generated/envoy/api/v2/rds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.c +0 -62
- data/src/core/ext/upb-generated/envoy/api/v2/route.upb.h +0 -199
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.c +0 -17
- data/src/core/ext/upb-generated/envoy/api/v2/route/route.upb.h +0 -33
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.c +0 -793
- data/src/core/ext/upb-generated/envoy/api/v2/route/route_components.upb.h +0 -2936
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.c +0 -58
- data/src/core/ext/upb-generated/envoy/api/v2/scoped_route.upb.h +0 -134
- data/src/core/ext/upb-generated/envoy/api/v2/srds.upb.h +0 -53
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.c +0 -227
- data/src/core/ext/upb-generated/envoy/config/filter/accesslog/v2/accesslog.upb.h +0 -725
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.c +0 -296
- data/src/core/ext/upb-generated/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.upb.h +0 -1072
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.c +0 -32
- data/src/core/ext/upb-generated/envoy/config/listener/v2/api_listener.upb.h +0 -65
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.c +0 -23
- data/src/core/ext/upb-generated/envoy/service/discovery/v2/ads.upb.h +0 -50
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.c +0 -52
- data/src/core/ext/upb-generated/envoy/service/load_stats/v2/lrs.upb.h +0 -130
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.c +0 -47
- data/src/core/ext/upb-generated/envoy/type/matcher/regex.upb.h +0 -108
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.c +0 -52
- data/src/core/ext/upb-generated/envoy/type/matcher/string.upb.h +0 -133
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.c +0 -87
- data/src/core/ext/upb-generated/envoy/type/metadata/v2/metadata.upb.h +0 -258
- data/src/core/ext/upb-generated/envoy/type/percent.upb.c +0 -38
- data/src/core/ext/upb-generated/envoy/type/percent.upb.h +0 -87
- data/src/core/ext/upb-generated/envoy/type/range.upb.c +0 -49
- data/src/core/ext/upb-generated/envoy/type/range.upb.h +0 -112
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.c +0 -28
- data/src/core/ext/upb-generated/envoy/type/semantic_version.upb.h +0 -62
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.c +0 -88
- data/src/core/ext/upb-generated/envoy/type/tracing/v2/custom_tag.upb.h +0 -249
- data/src/core/ext/upb-generated/gogoproto/gogo.upb.c +0 -17
- data/src/core/lib/gprpp/map.h +0 -59
- data/src/core/lib/gprpp/string_view.h +0 -60
- data/src/core/lib/iomgr/iomgr_posix.h +0 -26
- data/src/core/lib/security/transport/target_authority_table.cc +0 -75
- data/src/core/lib/security/transport/target_authority_table.h +0 -40
- data/src/core/lib/slice/slice_hash_table.h +0 -199
- data/src/core/lib/slice/slice_weak_hash_table.h +0 -102
- data/src/core/tsi/grpc_shadow_boringssl.h +0 -3311
- data/third_party/abseil-cpp/absl/base/dynamic_annotations.cc +0 -129
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_pku.c +0 -110
- data/third_party/boringssl-with-bazel/src/crypto/x509v3/v3_sxnet.c +0 -274
- data/third_party/boringssl-with-bazel/src/third_party/fiat/p256.c +0 -1063
- data/third_party/upb/upb/generated_util.h +0 -105
- data/third_party/upb/upb/port.c +0 -26
|
@@ -126,6 +126,8 @@ BSSL_NAMESPACE_BEGIN
|
|
|
126
126
|
|
|
127
127
|
SSL_HANDSHAKE::SSL_HANDSHAKE(SSL *ssl_arg)
|
|
128
128
|
: ssl(ssl_arg),
|
|
129
|
+
ech_present(false),
|
|
130
|
+
ech_is_inner_present(false),
|
|
129
131
|
scts_requested(false),
|
|
130
132
|
needs_psk_binder(false),
|
|
131
133
|
handshake_finalized(false),
|
|
@@ -235,13 +237,13 @@ bool ssl_hash_message(SSL_HANDSHAKE *hs, const SSLMessage &msg) {
|
|
|
235
237
|
return hs->transcript.Update(msg.raw);
|
|
236
238
|
}
|
|
237
239
|
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
240
|
+
bool ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
|
|
241
|
+
Span<const SSL_EXTENSION_TYPE> ext_types,
|
|
242
|
+
bool ignore_unknown) {
|
|
241
243
|
// Reset everything.
|
|
242
|
-
for (
|
|
243
|
-
*
|
|
244
|
-
CBS_init(
|
|
244
|
+
for (const SSL_EXTENSION_TYPE &ext_type : ext_types) {
|
|
245
|
+
*ext_type.out_present = false;
|
|
246
|
+
CBS_init(ext_type.out_data, nullptr, 0);
|
|
245
247
|
}
|
|
246
248
|
|
|
247
249
|
CBS copy = *cbs;
|
|
@@ -252,38 +254,38 @@ int ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
|
|
|
252
254
|
!CBS_get_u16_length_prefixed(©, &data)) {
|
|
253
255
|
OPENSSL_PUT_ERROR(SSL, SSL_R_PARSE_TLSEXT);
|
|
254
256
|
*out_alert = SSL_AD_DECODE_ERROR;
|
|
255
|
-
return
|
|
257
|
+
return false;
|
|
256
258
|
}
|
|
257
259
|
|
|
258
|
-
const SSL_EXTENSION_TYPE *
|
|
259
|
-
for (
|
|
260
|
-
if (type ==
|
|
261
|
-
|
|
260
|
+
const SSL_EXTENSION_TYPE *found = nullptr;
|
|
261
|
+
for (const SSL_EXTENSION_TYPE &ext_type : ext_types) {
|
|
262
|
+
if (type == ext_type.type) {
|
|
263
|
+
found = &ext_type;
|
|
262
264
|
break;
|
|
263
265
|
}
|
|
264
266
|
}
|
|
265
267
|
|
|
266
|
-
if (
|
|
268
|
+
if (found == nullptr) {
|
|
267
269
|
if (ignore_unknown) {
|
|
268
270
|
continue;
|
|
269
271
|
}
|
|
270
272
|
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
|
|
271
273
|
*out_alert = SSL_AD_UNSUPPORTED_EXTENSION;
|
|
272
|
-
return
|
|
274
|
+
return false;
|
|
273
275
|
}
|
|
274
276
|
|
|
275
277
|
// Duplicate ext_types are forbidden.
|
|
276
|
-
if (*
|
|
278
|
+
if (*found->out_present) {
|
|
277
279
|
OPENSSL_PUT_ERROR(SSL, SSL_R_DUPLICATE_EXTENSION);
|
|
278
280
|
*out_alert = SSL_AD_ILLEGAL_PARAMETER;
|
|
279
|
-
return
|
|
281
|
+
return false;
|
|
280
282
|
}
|
|
281
283
|
|
|
282
|
-
*
|
|
283
|
-
*
|
|
284
|
+
*found->out_present = 1;
|
|
285
|
+
*found->out_data = data;
|
|
284
286
|
}
|
|
285
287
|
|
|
286
|
-
return
|
|
288
|
+
return true;
|
|
287
289
|
}
|
|
288
290
|
|
|
289
291
|
enum ssl_verify_result_t ssl_verify_peer_cert(SSL_HANDSHAKE *hs) {
|
|
@@ -441,7 +443,7 @@ enum ssl_hs_wait_t ssl_get_finished(SSL_HANDSHAKE *hs) {
|
|
|
441
443
|
uint8_t finished[EVP_MAX_MD_SIZE];
|
|
442
444
|
size_t finished_len;
|
|
443
445
|
if (!hs->transcript.GetFinishedMAC(finished, &finished_len,
|
|
444
|
-
|
|
446
|
+
ssl_handshake_session(hs), !ssl->server) ||
|
|
445
447
|
!ssl_hash_message(hs, msg)) {
|
|
446
448
|
return ssl_hs_error;
|
|
447
449
|
}
|
|
@@ -471,13 +473,20 @@ enum ssl_hs_wait_t ssl_get_finished(SSL_HANDSHAKE *hs) {
|
|
|
471
473
|
ssl->s3->previous_server_finished_len = finished_len;
|
|
472
474
|
}
|
|
473
475
|
|
|
476
|
+
// The Finished message should be the end of a flight.
|
|
477
|
+
if (ssl->method->has_unprocessed_handshake_data(ssl)) {
|
|
478
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
|
479
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESS_HANDSHAKE_DATA);
|
|
480
|
+
return ssl_hs_error;
|
|
481
|
+
}
|
|
482
|
+
|
|
474
483
|
ssl->method->next_message(ssl);
|
|
475
484
|
return ssl_hs_ok;
|
|
476
485
|
}
|
|
477
486
|
|
|
478
487
|
bool ssl_send_finished(SSL_HANDSHAKE *hs) {
|
|
479
488
|
SSL *const ssl = hs->ssl;
|
|
480
|
-
const SSL_SESSION *session =
|
|
489
|
+
const SSL_SESSION *session = ssl_handshake_session(hs);
|
|
481
490
|
|
|
482
491
|
uint8_t finished[EVP_MAX_MD_SIZE];
|
|
483
492
|
size_t finished_len;
|
|
@@ -487,9 +496,8 @@ bool ssl_send_finished(SSL_HANDSHAKE *hs) {
|
|
|
487
496
|
}
|
|
488
497
|
|
|
489
498
|
// Log the master secret, if logging is enabled.
|
|
490
|
-
if (!ssl_log_secret(
|
|
491
|
-
|
|
492
|
-
MakeConstSpan(session->master_key, session->master_key_length))) {
|
|
499
|
+
if (!ssl_log_secret(ssl, "CLIENT_RANDOM",
|
|
500
|
+
MakeConstSpan(session->secret, session->secret_length))) {
|
|
493
501
|
return 0;
|
|
494
502
|
}
|
|
495
503
|
|
|
@@ -534,6 +542,13 @@ bool ssl_output_cert_chain(SSL_HANDSHAKE *hs) {
|
|
|
534
542
|
return true;
|
|
535
543
|
}
|
|
536
544
|
|
|
545
|
+
const SSL_SESSION *ssl_handshake_session(const SSL_HANDSHAKE *hs) {
|
|
546
|
+
if (hs->new_session) {
|
|
547
|
+
return hs->new_session.get();
|
|
548
|
+
}
|
|
549
|
+
return hs->ssl->session.get();
|
|
550
|
+
}
|
|
551
|
+
|
|
537
552
|
int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
|
|
538
553
|
SSL *const ssl = hs->ssl;
|
|
539
554
|
for (;;) {
|
|
@@ -621,10 +636,15 @@ int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
|
|
|
621
636
|
hs->wait = ssl_hs_ok;
|
|
622
637
|
return -1;
|
|
623
638
|
|
|
624
|
-
case ssl_hs_handback:
|
|
639
|
+
case ssl_hs_handback: {
|
|
640
|
+
int ret = ssl->method->flush_flight(ssl);
|
|
641
|
+
if (ret <= 0) {
|
|
642
|
+
return ret;
|
|
643
|
+
}
|
|
625
644
|
ssl->s3->rwstate = SSL_ERROR_HANDBACK;
|
|
626
645
|
hs->wait = ssl_hs_handback;
|
|
627
646
|
return -1;
|
|
647
|
+
}
|
|
628
648
|
|
|
629
649
|
case ssl_hs_x509_lookup:
|
|
630
650
|
ssl->s3->rwstate = SSL_ERROR_WANT_X509_LOOKUP;
|
|
@@ -658,9 +678,8 @@ int ssl_run_handshake(SSL_HANDSHAKE *hs, bool *out_early_return) {
|
|
|
658
678
|
|
|
659
679
|
case ssl_hs_early_data_rejected:
|
|
660
680
|
assert(ssl->s3->early_data_reason != ssl_early_data_unknown);
|
|
681
|
+
assert(!hs->can_early_write);
|
|
661
682
|
ssl->s3->rwstate = SSL_ERROR_EARLY_DATA_REJECTED;
|
|
662
|
-
// Cause |SSL_write| to start failing immediately.
|
|
663
|
-
hs->can_early_write = false;
|
|
664
683
|
return -1;
|
|
665
684
|
|
|
666
685
|
case ssl_hs_early_return:
|
|
@@ -259,7 +259,7 @@ static bool ssl_write_client_cipher_list(SSL_HANDSHAKE *hs, CBB *out) {
|
|
|
259
259
|
continue;
|
|
260
260
|
}
|
|
261
261
|
any_enabled = true;
|
|
262
|
-
if (!CBB_add_u16(&child,
|
|
262
|
+
if (!CBB_add_u16(&child, SSL_CIPHER_get_protocol_id(cipher))) {
|
|
263
263
|
return false;
|
|
264
264
|
}
|
|
265
265
|
}
|
|
@@ -358,8 +358,7 @@ static bool parse_supported_versions(SSL_HANDSHAKE *hs, uint16_t *version,
|
|
|
358
358
|
|
|
359
359
|
uint8_t alert = SSL_AD_DECODE_ERROR;
|
|
360
360
|
if (!ssl_parse_extensions(&extensions, &alert, ext_types,
|
|
361
|
-
|
|
362
|
-
1 /* ignore unknown */)) {
|
|
361
|
+
/*ignore_unknown=*/true)) {
|
|
363
362
|
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
|
|
364
363
|
return false;
|
|
365
364
|
}
|
|
@@ -406,7 +405,8 @@ static enum ssl_hs_wait_t do_start_connect(SSL_HANDSHAKE *hs) {
|
|
|
406
405
|
(ssl->session->session_id_length == 0 &&
|
|
407
406
|
ssl->session->ticket.empty()) ||
|
|
408
407
|
ssl->session->not_resumable ||
|
|
409
|
-
!ssl_session_is_time_valid(ssl, ssl->session.get())
|
|
408
|
+
!ssl_session_is_time_valid(ssl, ssl->session.get()) ||
|
|
409
|
+
(ssl->quic_method != nullptr) != ssl->session->is_quic) {
|
|
410
410
|
ssl_set_session(ssl, NULL);
|
|
411
411
|
}
|
|
412
412
|
}
|
|
@@ -415,17 +415,20 @@ static enum ssl_hs_wait_t do_start_connect(SSL_HANDSHAKE *hs) {
|
|
|
415
415
|
return ssl_hs_error;
|
|
416
416
|
}
|
|
417
417
|
|
|
418
|
-
|
|
419
|
-
|
|
420
|
-
|
|
421
|
-
|
|
422
|
-
|
|
423
|
-
|
|
424
|
-
|
|
425
|
-
|
|
426
|
-
|
|
427
|
-
|
|
428
|
-
|
|
418
|
+
// Never send a session ID in QUIC. QUIC uses TLS 1.3 at a minimum and
|
|
419
|
+
// disables TLS 1.3 middlebox compatibility mode.
|
|
420
|
+
if (ssl->quic_method == nullptr) {
|
|
421
|
+
if (ssl->session != nullptr && !ssl->s3->initial_handshake_complete &&
|
|
422
|
+
ssl->session->session_id_length > 0) {
|
|
423
|
+
hs->session_id_len = ssl->session->session_id_length;
|
|
424
|
+
OPENSSL_memcpy(hs->session_id, ssl->session->session_id,
|
|
425
|
+
hs->session_id_len);
|
|
426
|
+
} else if (hs->max_version >= TLS1_3_VERSION) {
|
|
427
|
+
// Initialize a random session ID.
|
|
428
|
+
hs->session_id_len = sizeof(hs->session_id);
|
|
429
|
+
if (!RAND_bytes(hs->session_id, hs->session_id_len)) {
|
|
430
|
+
return ssl_hs_error;
|
|
431
|
+
}
|
|
429
432
|
}
|
|
430
433
|
}
|
|
431
434
|
|
|
@@ -456,16 +459,11 @@ static enum ssl_hs_wait_t do_enter_early_data(SSL_HANDSHAKE *hs) {
|
|
|
456
459
|
}
|
|
457
460
|
|
|
458
461
|
if (!tls13_init_early_key_schedule(
|
|
459
|
-
hs,
|
|
460
|
-
|
|
462
|
+
hs,
|
|
463
|
+
MakeConstSpan(ssl->session->secret, ssl->session->secret_length)) ||
|
|
461
464
|
!tls13_derive_early_secret(hs)) {
|
|
462
465
|
return ssl_hs_error;
|
|
463
466
|
}
|
|
464
|
-
if (ssl->quic_method == nullptr &&
|
|
465
|
-
!tls13_set_traffic_key(ssl, ssl_encryption_early_data, evp_aead_seal,
|
|
466
|
-
hs->early_traffic_secret())) {
|
|
467
|
-
return ssl_hs_error;
|
|
468
|
-
}
|
|
469
467
|
|
|
470
468
|
// Stash the early data session, so connection properties may be queried out
|
|
471
469
|
// of it.
|
|
@@ -496,7 +494,9 @@ static enum ssl_hs_wait_t do_early_reverify_server_certificate(SSL_HANDSHAKE *hs
|
|
|
496
494
|
|
|
497
495
|
// Defer releasing the 0-RTT key to after certificate reverification, so the
|
|
498
496
|
// QUIC implementation does not accidentally write data too early.
|
|
499
|
-
if (!
|
|
497
|
+
if (!tls13_set_traffic_key(hs->ssl, ssl_encryption_early_data, evp_aead_seal,
|
|
498
|
+
hs->early_session.get(),
|
|
499
|
+
hs->early_traffic_secret())) {
|
|
500
500
|
return ssl_hs_error;
|
|
501
501
|
}
|
|
502
502
|
|
|
@@ -636,12 +636,9 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
636
636
|
.subspan(SSL3_RANDOM_SIZE - sizeof(kTLS13DowngradeRandom));
|
|
637
637
|
if (suffix == kTLS12DowngradeRandom || suffix == kTLS13DowngradeRandom ||
|
|
638
638
|
suffix == kJDK11DowngradeRandom) {
|
|
639
|
-
|
|
640
|
-
|
|
641
|
-
|
|
642
|
-
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
643
|
-
return ssl_hs_error;
|
|
644
|
-
}
|
|
639
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_TLS13_DOWNGRADE);
|
|
640
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
641
|
+
return ssl_hs_error;
|
|
645
642
|
}
|
|
646
643
|
}
|
|
647
644
|
|
|
@@ -1050,7 +1047,7 @@ static enum ssl_hs_wait_t do_read_server_key_exchange(SSL_HANDSHAKE *hs) {
|
|
|
1050
1047
|
return ssl_hs_error;
|
|
1051
1048
|
}
|
|
1052
1049
|
uint8_t alert = SSL_AD_DECODE_ERROR;
|
|
1053
|
-
if (!tls12_check_peer_sigalg(
|
|
1050
|
+
if (!tls12_check_peer_sigalg(hs, &alert, signature_algorithm)) {
|
|
1054
1051
|
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
|
|
1055
1052
|
return ssl_hs_error;
|
|
1056
1053
|
}
|
|
@@ -1201,6 +1198,13 @@ static enum ssl_hs_wait_t do_read_server_hello_done(SSL_HANDSHAKE *hs) {
|
|
|
1201
1198
|
return ssl_hs_error;
|
|
1202
1199
|
}
|
|
1203
1200
|
|
|
1201
|
+
// ServerHelloDone should be the end of the flight.
|
|
1202
|
+
if (ssl->method->has_unprocessed_handshake_data(ssl)) {
|
|
1203
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
|
1204
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESS_HANDSHAKE_DATA);
|
|
1205
|
+
return ssl_hs_error;
|
|
1206
|
+
}
|
|
1207
|
+
|
|
1204
1208
|
ssl->method->next_message(ssl);
|
|
1205
1209
|
hs->state = state_send_client_certificate;
|
|
1206
1210
|
return ssl_hs_ok;
|
|
@@ -1260,10 +1264,10 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
|
|
|
1260
1264
|
uint32_t alg_k = hs->new_cipher->algorithm_mkey;
|
|
1261
1265
|
uint32_t alg_a = hs->new_cipher->algorithm_auth;
|
|
1262
1266
|
if (ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
|
|
1263
|
-
CRYPTO_BUFFER *leaf =
|
|
1267
|
+
const CRYPTO_BUFFER *leaf =
|
|
1264
1268
|
sk_CRYPTO_BUFFER_value(hs->new_session->certs.get(), 0);
|
|
1265
1269
|
CBS leaf_cbs;
|
|
1266
|
-
|
|
1270
|
+
CRYPTO_BUFFER_init_CBS(leaf, &leaf_cbs);
|
|
1267
1271
|
|
|
1268
1272
|
// Check the key usage matches the cipher suite. We do this unconditionally
|
|
1269
1273
|
// for non-RSA certificates. In particular, it's needed to distinguish ECDH
|
|
@@ -1273,7 +1277,7 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
|
|
|
1273
1277
|
ssl_key_usage_t intended_use = (alg_k & SSL_kRSA)
|
|
1274
1278
|
? key_usage_encipherment
|
|
1275
1279
|
: key_usage_digital_signature;
|
|
1276
|
-
if (
|
|
1280
|
+
if (hs->config->enforce_rsa_key_usage ||
|
|
1277
1281
|
EVP_PKEY_id(hs->peer_pubkey.get()) != EVP_PKEY_RSA) {
|
|
1278
1282
|
if (!ssl_cert_check_key_usage(&leaf_cbs, intended_use)) {
|
|
1279
1283
|
return ssl_hs_error;
|
|
@@ -1403,9 +1407,9 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
|
|
|
1403
1407
|
return ssl_hs_error;
|
|
1404
1408
|
}
|
|
1405
1409
|
|
|
1406
|
-
hs->new_session->
|
|
1407
|
-
tls1_generate_master_secret(hs, hs->new_session->
|
|
1408
|
-
if (hs->new_session->
|
|
1410
|
+
hs->new_session->secret_length =
|
|
1411
|
+
tls1_generate_master_secret(hs, hs->new_session->secret, pms);
|
|
1412
|
+
if (hs->new_session->secret_length == 0) {
|
|
1409
1413
|
return ssl_hs_error;
|
|
1410
1414
|
}
|
|
1411
1415
|
hs->new_session->extended_master_secret = hs->extended_master_secret;
|
|
@@ -1543,18 +1547,12 @@ static bool can_false_start(const SSL_HANDSHAKE *hs) {
|
|
|
1543
1547
|
//
|
|
1544
1548
|
// Now that TLS 1.3 exists, we would like to avoid similar attacks between
|
|
1545
1549
|
// TLS 1.2 and TLS 1.3, but there are too many TLS 1.2 deployments to
|
|
1546
|
-
// sacrifice False Start on them.
|
|
1547
|
-
//
|
|
1548
|
-
// issues.
|
|
1549
|
-
//
|
|
1550
|
-
// |SSL_CTX_set_ignore_tls13_downgrade| normally still retains Finished-based
|
|
1551
|
-
// downgrade protection, but False Start bypasses that. Thus, we disable False
|
|
1552
|
-
// Start based on the TLS 1.3 downgrade signal, even if otherwise unenforced.
|
|
1550
|
+
// sacrifice False Start on them. Instead, we rely on the ServerHello.random
|
|
1551
|
+
// downgrade signal, which we unconditionally enforce.
|
|
1553
1552
|
if (SSL_is_dtls(ssl) ||
|
|
1554
1553
|
SSL_version(ssl) != TLS1_2_VERSION ||
|
|
1555
1554
|
hs->new_cipher->algorithm_mkey != SSL_kECDHE ||
|
|
1556
|
-
hs->new_cipher->algorithm_mac != SSL_AEAD
|
|
1557
|
-
ssl->s3->tls13_downgrade) {
|
|
1555
|
+
hs->new_cipher->algorithm_mac != SSL_AEAD) {
|
|
1558
1556
|
return false;
|
|
1559
1557
|
}
|
|
1560
1558
|
|
|
@@ -325,7 +325,7 @@ static void ssl_get_compatible_server_ciphers(SSL_HANDSHAKE *hs,
|
|
|
325
325
|
*out_mask_a = mask_a;
|
|
326
326
|
}
|
|
327
327
|
|
|
328
|
-
static const SSL_CIPHER *
|
|
328
|
+
static const SSL_CIPHER *choose_cipher(
|
|
329
329
|
SSL_HANDSHAKE *hs, const SSL_CLIENT_HELLO *client_hello,
|
|
330
330
|
const SSLCipherPreferenceList *server_pref) {
|
|
331
331
|
SSL *const ssl = hs->ssl;
|
|
@@ -569,6 +569,14 @@ static enum ssl_hs_wait_t do_read_client_hello(SSL_HANDSHAKE *hs) {
|
|
|
569
569
|
return ssl_hs_error;
|
|
570
570
|
}
|
|
571
571
|
|
|
572
|
+
// ClientHello should be the end of the flight. We check this early to cover
|
|
573
|
+
// all protocol versions.
|
|
574
|
+
if (ssl->method->has_unprocessed_handshake_data(ssl)) {
|
|
575
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
|
|
576
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_EXCESS_HANDSHAKE_DATA);
|
|
577
|
+
return ssl_hs_error;
|
|
578
|
+
}
|
|
579
|
+
|
|
572
580
|
if (hs->config->handoff) {
|
|
573
581
|
return ssl_hs_handoff;
|
|
574
582
|
}
|
|
@@ -636,6 +644,12 @@ static enum ssl_hs_wait_t do_read_client_hello(SSL_HANDSHAKE *hs) {
|
|
|
636
644
|
return ssl_hs_error;
|
|
637
645
|
}
|
|
638
646
|
|
|
647
|
+
if (hs->ech_present && hs->ech_is_inner_present) {
|
|
648
|
+
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION);
|
|
649
|
+
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
|
|
650
|
+
return ssl_hs_error;
|
|
651
|
+
}
|
|
652
|
+
|
|
639
653
|
hs->state = state12_select_certificate;
|
|
640
654
|
return ssl_hs_ok;
|
|
641
655
|
}
|
|
@@ -699,7 +713,7 @@ static enum ssl_hs_wait_t do_select_certificate(SSL_HANDSHAKE *hs) {
|
|
|
699
713
|
SSLCipherPreferenceList *prefs = hs->config->cipher_list
|
|
700
714
|
? hs->config->cipher_list.get()
|
|
701
715
|
: ssl->ctx->cipher_list.get();
|
|
702
|
-
hs->new_cipher =
|
|
716
|
+
hs->new_cipher = choose_cipher(hs, &client_hello, prefs);
|
|
703
717
|
if (hs->new_cipher == NULL) {
|
|
704
718
|
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_SHARED_CIPHER);
|
|
705
719
|
ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
|
|
@@ -900,7 +914,7 @@ static enum ssl_hs_wait_t do_send_server_hello(SSL_HANDSHAKE *hs) {
|
|
|
900
914
|
!CBB_add_u8_length_prefixed(&body, &session_id) ||
|
|
901
915
|
!CBB_add_bytes(&session_id, session->session_id,
|
|
902
916
|
session->session_id_length) ||
|
|
903
|
-
!CBB_add_u16(&body,
|
|
917
|
+
!CBB_add_u16(&body, SSL_CIPHER_get_protocol_id(hs->new_cipher)) ||
|
|
904
918
|
!CBB_add_u8(&body, 0 /* no compression */) ||
|
|
905
919
|
!ssl_add_serverhello_tlsext(hs, &body) ||
|
|
906
920
|
!ssl_add_message_cbb(ssl, cbb.get())) {
|
|
@@ -1094,7 +1108,7 @@ static enum ssl_hs_wait_t do_send_server_hello_done(SSL_HANDSHAKE *hs) {
|
|
|
1094
1108
|
!CBB_add_u8(&cert_types, TLS_CT_ECDSA_SIGN) ||
|
|
1095
1109
|
(ssl_protocol_version(ssl) >= TLS1_2_VERSION &&
|
|
1096
1110
|
(!CBB_add_u16_length_prefixed(&body, &sigalgs_cbb) ||
|
|
1097
|
-
!tls12_add_verify_sigalgs(
|
|
1111
|
+
!tls12_add_verify_sigalgs(hs, &sigalgs_cbb))) ||
|
|
1098
1112
|
!ssl_add_client_CA_list(hs, &body) ||
|
|
1099
1113
|
!ssl_add_message_cbb(ssl, cbb.get())) {
|
|
1100
1114
|
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
|
|
@@ -1394,14 +1408,13 @@ static enum ssl_hs_wait_t do_read_client_key_exchange(SSL_HANDSHAKE *hs) {
|
|
|
1394
1408
|
}
|
|
1395
1409
|
|
|
1396
1410
|
// Compute the master secret.
|
|
1397
|
-
hs->new_session->
|
|
1398
|
-
hs, hs->new_session->
|
|
1399
|
-
if (hs->new_session->
|
|
1411
|
+
hs->new_session->secret_length = tls1_generate_master_secret(
|
|
1412
|
+
hs, hs->new_session->secret, premaster_secret);
|
|
1413
|
+
if (hs->new_session->secret_length == 0) {
|
|
1400
1414
|
return ssl_hs_error;
|
|
1401
1415
|
}
|
|
1402
1416
|
hs->new_session->extended_master_secret = hs->extended_master_secret;
|
|
1403
|
-
CONSTTIME_DECLASSIFY(hs->new_session->
|
|
1404
|
-
hs->new_session->master_key_length);
|
|
1417
|
+
CONSTTIME_DECLASSIFY(hs->new_session->secret, hs->new_session->secret_length);
|
|
1405
1418
|
|
|
1406
1419
|
ssl->method->next_message(ssl);
|
|
1407
1420
|
hs->state = state12_read_client_certificate_verify;
|
|
@@ -1428,6 +1441,15 @@ static enum ssl_hs_wait_t do_read_client_certificate_verify(SSL_HANDSHAKE *hs) {
|
|
|
1428
1441
|
return ssl_hs_error;
|
|
1429
1442
|
}
|
|
1430
1443
|
|
|
1444
|
+
// The peer certificate must be valid for signing.
|
|
1445
|
+
const CRYPTO_BUFFER *leaf =
|
|
1446
|
+
sk_CRYPTO_BUFFER_value(hs->new_session->certs.get(), 0);
|
|
1447
|
+
CBS leaf_cbs;
|
|
1448
|
+
CRYPTO_BUFFER_init_CBS(leaf, &leaf_cbs);
|
|
1449
|
+
if (!ssl_cert_check_key_usage(&leaf_cbs, key_usage_digital_signature)) {
|
|
1450
|
+
return ssl_hs_error;
|
|
1451
|
+
}
|
|
1452
|
+
|
|
1431
1453
|
CBS certificate_verify = msg.body, signature;
|
|
1432
1454
|
|
|
1433
1455
|
// Determine the signature algorithm.
|
|
@@ -1439,7 +1461,7 @@ static enum ssl_hs_wait_t do_read_client_certificate_verify(SSL_HANDSHAKE *hs) {
|
|
|
1439
1461
|
return ssl_hs_error;
|
|
1440
1462
|
}
|
|
1441
1463
|
uint8_t alert = SSL_AD_DECODE_ERROR;
|
|
1442
|
-
if (!tls12_check_peer_sigalg(
|
|
1464
|
+
if (!tls12_check_peer_sigalg(hs, &alert, signature_algorithm)) {
|
|
1443
1465
|
ssl_send_alert(ssl, SSL3_AL_FATAL, alert);
|
|
1444
1466
|
return ssl_hs_error;
|
|
1445
1467
|
}
|
|
@@ -345,6 +345,9 @@ class Array {
|
|
|
345
345
|
if (new_size > size_) {
|
|
346
346
|
abort();
|
|
347
347
|
}
|
|
348
|
+
for (size_t i = new_size; i < size_; i++) {
|
|
349
|
+
data_[i].~T();
|
|
350
|
+
}
|
|
348
351
|
size_ = new_size;
|
|
349
352
|
}
|
|
350
353
|
|
|
@@ -386,6 +389,11 @@ class GrowableArray {
|
|
|
386
389
|
T *end() { return array_.data() + size_; }
|
|
387
390
|
const T *cend() const { return array_.data() + size_; }
|
|
388
391
|
|
|
392
|
+
void clear() {
|
|
393
|
+
size_ = 0;
|
|
394
|
+
array_.Reset();
|
|
395
|
+
}
|
|
396
|
+
|
|
389
397
|
// Push adds |elem| at the end of the internal array, growing if necessary. It
|
|
390
398
|
// returns false when allocation fails.
|
|
391
399
|
bool Push(T elem) {
|
|
@@ -631,9 +639,6 @@ const EVP_MD *ssl_get_handshake_digest(uint16_t version,
|
|
|
631
639
|
bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list,
|
|
632
640
|
const char *rule_str, bool strict);
|
|
633
641
|
|
|
634
|
-
// ssl_cipher_get_value returns the cipher suite id of |cipher|.
|
|
635
|
-
uint16_t ssl_cipher_get_value(const SSL_CIPHER *cipher);
|
|
636
|
-
|
|
637
642
|
// ssl_cipher_auth_mask_for_key returns the mask of cipher |algorithm_auth|
|
|
638
643
|
// values suitable for use with |key| in TLS 1.2 and below.
|
|
639
644
|
uint32_t ssl_cipher_auth_mask_for_key(const EVP_PKEY *key);
|
|
@@ -1356,23 +1361,17 @@ bool tls13_init_early_key_schedule(SSL_HANDSHAKE *hs, Span<const uint8_t> psk);
|
|
|
1356
1361
|
bool tls13_advance_key_schedule(SSL_HANDSHAKE *hs, Span<const uint8_t> in);
|
|
1357
1362
|
|
|
1358
1363
|
// tls13_set_traffic_key sets the read or write traffic keys to
|
|
1359
|
-
// |traffic_secret|.
|
|
1364
|
+
// |traffic_secret|. The version and cipher suite are determined from |session|.
|
|
1365
|
+
// It returns true on success and false on error.
|
|
1360
1366
|
bool tls13_set_traffic_key(SSL *ssl, enum ssl_encryption_level_t level,
|
|
1361
1367
|
enum evp_aead_direction_t direction,
|
|
1368
|
+
const SSL_SESSION *session,
|
|
1362
1369
|
Span<const uint8_t> traffic_secret);
|
|
1363
1370
|
|
|
1364
1371
|
// tls13_derive_early_secret derives the early traffic secret. It returns true
|
|
1365
|
-
// on success and false on error.
|
|
1366
|
-
// function does not pass the keys to QUIC. Call
|
|
1367
|
-
// |tls13_set_early_secret_for_quic| to do so. This is done to due to an
|
|
1368
|
-
// ordering complication around resolving HelloRetryRequest on the server.
|
|
1372
|
+
// on success and false on error.
|
|
1369
1373
|
bool tls13_derive_early_secret(SSL_HANDSHAKE *hs);
|
|
1370
1374
|
|
|
1371
|
-
// tls13_set_early_secret_for_quic passes the early traffic secrets, as
|
|
1372
|
-
// derived by |tls13_derive_early_secret|, to QUIC. It returns true on success
|
|
1373
|
-
// and false on error.
|
|
1374
|
-
bool tls13_set_early_secret_for_quic(SSL_HANDSHAKE *hs);
|
|
1375
|
-
|
|
1376
1375
|
// tls13_derive_handshake_secrets derives the handshake traffic secret. It
|
|
1377
1376
|
// returns true on success and false on error.
|
|
1378
1377
|
bool tls13_derive_handshake_secrets(SSL_HANDSHAKE *hs);
|
|
@@ -1420,6 +1419,15 @@ bool tls13_verify_psk_binder(SSL_HANDSHAKE *hs, SSL_SESSION *session,
|
|
|
1420
1419
|
const SSLMessage &msg, CBS *binders);
|
|
1421
1420
|
|
|
1422
1421
|
|
|
1422
|
+
// Encrypted Client Hello.
|
|
1423
|
+
|
|
1424
|
+
// tls13_ech_accept_confirmation computes the server's ECH acceptance signal,
|
|
1425
|
+
// writing it to |out|. It returns true on success, and false on failure.
|
|
1426
|
+
bool tls13_ech_accept_confirmation(
|
|
1427
|
+
SSL_HANDSHAKE *hs, bssl::Span<uint8_t> out,
|
|
1428
|
+
bssl::Span<const uint8_t> server_hello_ech_conf);
|
|
1429
|
+
|
|
1430
|
+
|
|
1423
1431
|
// Handshake functions.
|
|
1424
1432
|
|
|
1425
1433
|
enum ssl_hs_wait_t {
|
|
@@ -1485,8 +1493,10 @@ enum tls13_server_hs_state_t {
|
|
|
1485
1493
|
state13_send_server_hello,
|
|
1486
1494
|
state13_send_server_certificate_verify,
|
|
1487
1495
|
state13_send_server_finished,
|
|
1496
|
+
state13_send_half_rtt_ticket,
|
|
1488
1497
|
state13_read_second_client_flight,
|
|
1489
1498
|
state13_process_end_of_early_data,
|
|
1499
|
+
state13_read_client_encrypted_extensions,
|
|
1490
1500
|
state13_read_client_certificate,
|
|
1491
1501
|
state13_read_client_certificate_verify,
|
|
1492
1502
|
state13_read_channel_id,
|
|
@@ -1498,10 +1508,11 @@ enum tls13_server_hs_state_t {
|
|
|
1498
1508
|
// handback_t lists the points in the state machine where a handback can occur.
|
|
1499
1509
|
// These are the different points at which key material is no longer needed.
|
|
1500
1510
|
enum handback_t {
|
|
1501
|
-
handback_after_session_resumption,
|
|
1502
|
-
handback_after_ecdhe,
|
|
1503
|
-
handback_after_handshake,
|
|
1504
|
-
handback_tls13,
|
|
1511
|
+
handback_after_session_resumption = 0,
|
|
1512
|
+
handback_after_ecdhe = 1,
|
|
1513
|
+
handback_after_handshake = 2,
|
|
1514
|
+
handback_tls13 = 3,
|
|
1515
|
+
handback_max_value = handback_tls13,
|
|
1505
1516
|
};
|
|
1506
1517
|
|
|
1507
1518
|
|
|
@@ -1636,6 +1647,10 @@ struct SSL_HANDSHAKE {
|
|
|
1636
1647
|
// cookie is the value of the cookie received from the server, if any.
|
|
1637
1648
|
Array<uint8_t> cookie;
|
|
1638
1649
|
|
|
1650
|
+
// ech_grease contains the bytes of the GREASE ECH extension that was sent in
|
|
1651
|
+
// the first ClientHello.
|
|
1652
|
+
Array<uint8_t> ech_grease;
|
|
1653
|
+
|
|
1639
1654
|
// key_share_bytes is the value of the previously sent KeyShare extension by
|
|
1640
1655
|
// the client in TLS 1.3.
|
|
1641
1656
|
Array<uint8_t> key_share_bytes;
|
|
@@ -1654,6 +1669,10 @@ struct SSL_HANDSHAKE {
|
|
|
1654
1669
|
// advertise this extension to the client.
|
|
1655
1670
|
Array<uint16_t> peer_supported_group_list;
|
|
1656
1671
|
|
|
1672
|
+
// peer_delegated_credential_sigalgs are the signature algorithms the peer
|
|
1673
|
+
// supports with delegated credentials.
|
|
1674
|
+
Array<uint16_t> peer_delegated_credential_sigalgs;
|
|
1675
|
+
|
|
1657
1676
|
// peer_key is the peer's ECDH key for a TLS 1.2 client.
|
|
1658
1677
|
Array<uint8_t> peer_key;
|
|
1659
1678
|
|
|
@@ -1710,6 +1729,14 @@ struct SSL_HANDSHAKE {
|
|
|
1710
1729
|
// key_block is the record-layer key block for TLS 1.2 and earlier.
|
|
1711
1730
|
Array<uint8_t> key_block;
|
|
1712
1731
|
|
|
1732
|
+
// ech_present, on the server, indicates whether the ClientHello contained an
|
|
1733
|
+
// encrypted_client_hello extension.
|
|
1734
|
+
bool ech_present : 1;
|
|
1735
|
+
|
|
1736
|
+
// ech_is_inner_present, on the server, indicates whether the ClientHello
|
|
1737
|
+
// contained an ech_is_inner extension.
|
|
1738
|
+
bool ech_is_inner_present : 1;
|
|
1739
|
+
|
|
1713
1740
|
// scts_requested is true if the SCT extension is in the ClientHello.
|
|
1714
1741
|
bool scts_requested : 1;
|
|
1715
1742
|
|
|
@@ -1867,6 +1894,8 @@ enum ssl_private_key_result_t tls13_add_certificate_verify(SSL_HANDSHAKE *hs);
|
|
|
1867
1894
|
|
|
1868
1895
|
bool tls13_add_finished(SSL_HANDSHAKE *hs);
|
|
1869
1896
|
bool tls13_process_new_session_ticket(SSL *ssl, const SSLMessage &msg);
|
|
1897
|
+
bssl::UniquePtr<SSL_SESSION> tls13_create_session_with_ticket(SSL *ssl,
|
|
1898
|
+
CBS *body);
|
|
1870
1899
|
|
|
1871
1900
|
bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
1872
1901
|
Array<uint8_t> *out_secret,
|
|
@@ -1874,7 +1903,8 @@ bool ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
|
1874
1903
|
bool ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, bool *out_found,
|
|
1875
1904
|
Array<uint8_t> *out_secret,
|
|
1876
1905
|
uint8_t *out_alert, CBS *contents);
|
|
1877
|
-
bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out
|
|
1906
|
+
bool ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out,
|
|
1907
|
+
bool dry_run);
|
|
1878
1908
|
|
|
1879
1909
|
bool ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
|
|
1880
1910
|
uint8_t *out_alert,
|
|
@@ -1916,6 +1946,12 @@ bool ssl_is_alpn_protocol_allowed(const SSL_HANDSHAKE *hs,
|
|
|
1916
1946
|
bool ssl_negotiate_alpn(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
1917
1947
|
const SSL_CLIENT_HELLO *client_hello);
|
|
1918
1948
|
|
|
1949
|
+
// ssl_negotiate_alps negotiates the ALPS extension, if applicable. It returns
|
|
1950
|
+
// true on successful negotiation or if nothing was negotiated. It returns false
|
|
1951
|
+
// and sets |*out_alert| to an alert on error.
|
|
1952
|
+
bool ssl_negotiate_alps(SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
1953
|
+
const SSL_CLIENT_HELLO *client_hello);
|
|
1954
|
+
|
|
1919
1955
|
struct SSL_EXTENSION_TYPE {
|
|
1920
1956
|
uint16_t type;
|
|
1921
1957
|
bool *out_present;
|
|
@@ -1924,12 +1960,12 @@ struct SSL_EXTENSION_TYPE {
|
|
|
1924
1960
|
|
|
1925
1961
|
// ssl_parse_extensions parses a TLS extensions block out of |cbs| and advances
|
|
1926
1962
|
// it. It writes the parsed extensions to pointers denoted by |ext_types|. On
|
|
1927
|
-
// success, it fills in the |out_present| and |out_data| fields and returns
|
|
1928
|
-
// Otherwise, it sets |*out_alert| to an alert to send and returns
|
|
1929
|
-
// extensions are rejected unless |ignore_unknown| is
|
|
1930
|
-
|
|
1931
|
-
|
|
1932
|
-
|
|
1963
|
+
// success, it fills in the |out_present| and |out_data| fields and returns
|
|
1964
|
+
// true. Otherwise, it sets |*out_alert| to an alert to send and returns false.
|
|
1965
|
+
// Unknown extensions are rejected unless |ignore_unknown| is true.
|
|
1966
|
+
bool ssl_parse_extensions(const CBS *cbs, uint8_t *out_alert,
|
|
1967
|
+
Span<const SSL_EXTENSION_TYPE> ext_types,
|
|
1968
|
+
bool ignore_unknown);
|
|
1933
1969
|
|
|
1934
1970
|
// ssl_verify_peer_cert verifies the peer certificate for |hs|.
|
|
1935
1971
|
enum ssl_verify_result_t ssl_verify_peer_cert(SSL_HANDSHAKE *hs);
|
|
@@ -1942,6 +1978,11 @@ enum ssl_hs_wait_t ssl_get_finished(SSL_HANDSHAKE *hs);
|
|
|
1942
1978
|
bool ssl_send_finished(SSL_HANDSHAKE *hs);
|
|
1943
1979
|
bool ssl_output_cert_chain(SSL_HANDSHAKE *hs);
|
|
1944
1980
|
|
|
1981
|
+
// ssl_handshake_session returns the |SSL_SESSION| corresponding to the current
|
|
1982
|
+
// handshake. Note, in TLS 1.2 resumptions, this session is immutable.
|
|
1983
|
+
const SSL_SESSION *ssl_handshake_session(const SSL_HANDSHAKE *hs);
|
|
1984
|
+
|
|
1985
|
+
|
|
1945
1986
|
// SSLKEYLOGFILE functions.
|
|
1946
1987
|
|
|
1947
1988
|
// ssl_log_secret logs |secret| with label |label|, if logging is enabled for
|
|
@@ -1999,12 +2040,12 @@ Span<const uint16_t> tls1_get_peer_verify_algorithms(const SSL_HANDSHAKE *hs);
|
|
|
1999
2040
|
|
|
2000
2041
|
// tls12_add_verify_sigalgs adds the signature algorithms acceptable for the
|
|
2001
2042
|
// peer signature to |out|. It returns true on success and false on error.
|
|
2002
|
-
bool tls12_add_verify_sigalgs(const
|
|
2043
|
+
bool tls12_add_verify_sigalgs(const SSL_HANDSHAKE *hs, CBB *out);
|
|
2003
2044
|
|
|
2004
2045
|
// tls12_check_peer_sigalg checks if |sigalg| is acceptable for the peer
|
|
2005
2046
|
// signature. It returns true on success and false on error, setting
|
|
2006
2047
|
// |*out_alert| to an alert to send.
|
|
2007
|
-
bool tls12_check_peer_sigalg(const
|
|
2048
|
+
bool tls12_check_peer_sigalg(const SSL_HANDSHAKE *hs, uint8_t *out_alert,
|
|
2008
2049
|
uint16_t sigalg);
|
|
2009
2050
|
|
|
2010
2051
|
|
|
@@ -2108,6 +2149,9 @@ struct SSL_PROTOCOL_METHOD {
|
|
|
2108
2149
|
bool (*get_message)(const SSL *ssl, SSLMessage *out);
|
|
2109
2150
|
// next_message is called to release the current handshake message.
|
|
2110
2151
|
void (*next_message)(SSL *ssl);
|
|
2152
|
+
// has_unprocessed_handshake_data returns whether there is buffered
|
|
2153
|
+
// handshake data that has not been consumed by |get_message|.
|
|
2154
|
+
bool (*has_unprocessed_handshake_data)(const SSL *ssl);
|
|
2111
2155
|
// Use the |ssl_open_handshake| wrapper.
|
|
2112
2156
|
ssl_open_record_t (*open_handshake)(SSL *ssl, size_t *out_consumed,
|
|
2113
2157
|
uint8_t *out_alert, Span<uint8_t> in);
|
|
@@ -2140,14 +2184,20 @@ struct SSL_PROTOCOL_METHOD {
|
|
|
2140
2184
|
int (*flush_flight)(SSL *ssl);
|
|
2141
2185
|
// on_handshake_complete is called when the handshake is complete.
|
|
2142
2186
|
void (*on_handshake_complete)(SSL *ssl);
|
|
2143
|
-
// set_read_state sets |ssl|'s read cipher state to |aead_ctx
|
|
2144
|
-
//
|
|
2145
|
-
//
|
|
2146
|
-
|
|
2147
|
-
|
|
2148
|
-
|
|
2149
|
-
|
|
2150
|
-
|
|
2187
|
+
// set_read_state sets |ssl|'s read cipher state and level to |aead_ctx| and
|
|
2188
|
+
// |level|. In QUIC, |aead_ctx| is a placeholder object and |secret_for_quic|
|
|
2189
|
+
// is the original secret. This function returns true on success and false on
|
|
2190
|
+
// error.
|
|
2191
|
+
bool (*set_read_state)(SSL *ssl, ssl_encryption_level_t level,
|
|
2192
|
+
UniquePtr<SSLAEADContext> aead_ctx,
|
|
2193
|
+
Span<const uint8_t> secret_for_quic);
|
|
2194
|
+
// set_write_state sets |ssl|'s write cipher state and level to |aead_ctx| and
|
|
2195
|
+
// |level|. In QUIC, |aead_ctx| is a placeholder object and |secret_for_quic|
|
|
2196
|
+
// is the original secret. This function returns true on success and false on
|
|
2197
|
+
// error.
|
|
2198
|
+
bool (*set_write_state)(SSL *ssl, ssl_encryption_level_t level,
|
|
2199
|
+
UniquePtr<SSLAEADContext> aead_ctx,
|
|
2200
|
+
Span<const uint8_t> secret_for_quic);
|
|
2151
2201
|
};
|
|
2152
2202
|
|
|
2153
2203
|
// The following wrappers call |open_*| but handle |read_shutdown| correctly.
|
|
@@ -2385,9 +2435,6 @@ struct SSL3_STATE {
|
|
|
2385
2435
|
// early_data_accepted is true if early data was accepted by the server.
|
|
2386
2436
|
bool early_data_accepted : 1;
|
|
2387
2437
|
|
|
2388
|
-
// tls13_downgrade is whether the TLS 1.3 anti-downgrade logic fired.
|
|
2389
|
-
bool tls13_downgrade : 1;
|
|
2390
|
-
|
|
2391
2438
|
// token_binding_negotiated is set if Token Binding was negotiated.
|
|
2392
2439
|
bool token_binding_negotiated : 1;
|
|
2393
2440
|
|
|
@@ -2608,6 +2655,12 @@ struct DTLS1_STATE {
|
|
|
2608
2655
|
unsigned timeout_duration_ms = 0;
|
|
2609
2656
|
};
|
|
2610
2657
|
|
|
2658
|
+
// An ALPSConfig is a pair of ALPN protocol and settings value to use with ALPS.
|
|
2659
|
+
struct ALPSConfig {
|
|
2660
|
+
Array<uint8_t> protocol;
|
|
2661
|
+
Array<uint8_t> settings;
|
|
2662
|
+
};
|
|
2663
|
+
|
|
2611
2664
|
// SSL_CONFIG contains configuration bits that can be shed after the handshake
|
|
2612
2665
|
// completes. Objects of this type are not shared; they are unique to a
|
|
2613
2666
|
// particular |SSL|.
|
|
@@ -2674,12 +2727,19 @@ struct SSL_CONFIG {
|
|
|
2674
2727
|
// format.
|
|
2675
2728
|
Array<uint8_t> alpn_client_proto_list;
|
|
2676
2729
|
|
|
2730
|
+
// alps_configs contains the list of supported protocols to use with ALPS,
|
|
2731
|
+
// along with their corresponding ALPS values.
|
|
2732
|
+
GrowableArray<ALPSConfig> alps_configs;
|
|
2733
|
+
|
|
2677
2734
|
// Contains a list of supported Token Binding key parameters.
|
|
2678
2735
|
Array<uint8_t> token_binding_params;
|
|
2679
2736
|
|
|
2680
2737
|
// Contains the QUIC transport params that this endpoint will send.
|
|
2681
2738
|
Array<uint8_t> quic_transport_params;
|
|
2682
2739
|
|
|
2740
|
+
// Contains the context used to decide whether to accept early data in QUIC.
|
|
2741
|
+
Array<uint8_t> quic_early_data_context;
|
|
2742
|
+
|
|
2683
2743
|
// verify_sigalgs, if not empty, is the set of signature algorithms
|
|
2684
2744
|
// accepted from the peer in decreasing order of preference.
|
|
2685
2745
|
Array<uint16_t> verify_sigalgs;
|
|
@@ -2691,6 +2751,10 @@ struct SSL_CONFIG {
|
|
|
2691
2751
|
// verify_mode is a bitmask of |SSL_VERIFY_*| values.
|
|
2692
2752
|
uint8_t verify_mode = SSL_VERIFY_NONE;
|
|
2693
2753
|
|
|
2754
|
+
// ech_grease_enabled controls whether ECH GREASE may be sent in the
|
|
2755
|
+
// ClientHello.
|
|
2756
|
+
bool ech_grease_enabled : 1;
|
|
2757
|
+
|
|
2694
2758
|
// Enable signed certificate time stamps. Currently client only.
|
|
2695
2759
|
bool signed_cert_timestamps_enabled : 1;
|
|
2696
2760
|
|
|
@@ -2723,13 +2787,13 @@ struct SSL_CONFIG {
|
|
|
2723
2787
|
// should be freed after the handshake completes.
|
|
2724
2788
|
bool shed_handshake_config : 1;
|
|
2725
2789
|
|
|
2726
|
-
// ignore_tls13_downgrade is whether the connection should continue when the
|
|
2727
|
-
// server random signals a downgrade.
|
|
2728
|
-
bool ignore_tls13_downgrade : 1;
|
|
2729
|
-
|
|
2730
2790
|
// jdk11_workaround is whether to disable TLS 1.3 for JDK 11 clients, as a
|
|
2731
2791
|
// workaround for https://bugs.openjdk.java.net/browse/JDK-8211806.
|
|
2732
2792
|
bool jdk11_workaround : 1;
|
|
2793
|
+
|
|
2794
|
+
// QUIC drafts up to and including 32 used a different TLS extension
|
|
2795
|
+
// codepoint to convey QUIC's transport parameters.
|
|
2796
|
+
bool quic_use_legacy_codepoint : 1;
|
|
2733
2797
|
};
|
|
2734
2798
|
|
|
2735
2799
|
// From RFC 8446, used in determining PSK modes.
|
|
@@ -2835,29 +2899,29 @@ void ssl_update_cache(SSL_HANDSHAKE *hs, int mode);
|
|
|
2835
2899
|
|
|
2836
2900
|
void ssl_send_alert(SSL *ssl, int level, int desc);
|
|
2837
2901
|
int ssl_send_alert_impl(SSL *ssl, int level, int desc);
|
|
2838
|
-
bool
|
|
2839
|
-
ssl_open_record_t
|
|
2840
|
-
|
|
2841
|
-
void
|
|
2902
|
+
bool tls_get_message(const SSL *ssl, SSLMessage *out);
|
|
2903
|
+
ssl_open_record_t tls_open_handshake(SSL *ssl, size_t *out_consumed,
|
|
2904
|
+
uint8_t *out_alert, Span<uint8_t> in);
|
|
2905
|
+
void tls_next_message(SSL *ssl);
|
|
2842
2906
|
|
|
2843
|
-
int
|
|
2844
|
-
ssl_open_record_t
|
|
2845
|
-
|
|
2846
|
-
|
|
2847
|
-
ssl_open_record_t
|
|
2848
|
-
|
|
2849
|
-
|
|
2850
|
-
int
|
|
2851
|
-
|
|
2907
|
+
int tls_dispatch_alert(SSL *ssl);
|
|
2908
|
+
ssl_open_record_t tls_open_app_data(SSL *ssl, Span<uint8_t> *out,
|
|
2909
|
+
size_t *out_consumed, uint8_t *out_alert,
|
|
2910
|
+
Span<uint8_t> in);
|
|
2911
|
+
ssl_open_record_t tls_open_change_cipher_spec(SSL *ssl, size_t *out_consumed,
|
|
2912
|
+
uint8_t *out_alert,
|
|
2913
|
+
Span<uint8_t> in);
|
|
2914
|
+
int tls_write_app_data(SSL *ssl, bool *out_needs_handshake, const uint8_t *buf,
|
|
2915
|
+
int len);
|
|
2852
2916
|
|
|
2853
|
-
bool
|
|
2854
|
-
void
|
|
2917
|
+
bool tls_new(SSL *ssl);
|
|
2918
|
+
void tls_free(SSL *ssl);
|
|
2855
2919
|
|
|
2856
|
-
bool
|
|
2857
|
-
bool
|
|
2858
|
-
bool
|
|
2859
|
-
bool
|
|
2860
|
-
int
|
|
2920
|
+
bool tls_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
|
|
2921
|
+
bool tls_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
|
|
2922
|
+
bool tls_add_message(SSL *ssl, Array<uint8_t> msg);
|
|
2923
|
+
bool tls_add_change_cipher_spec(SSL *ssl);
|
|
2924
|
+
int tls_flush_flight(SSL *ssl);
|
|
2861
2925
|
|
|
2862
2926
|
bool dtls1_init_message(SSL *ssl, CBB *cbb, CBB *body, uint8_t type);
|
|
2863
2927
|
bool dtls1_finish_message(SSL *ssl, CBB *cbb, Array<uint8_t> *out_msg);
|
|
@@ -2911,13 +2975,14 @@ int dtls1_dispatch_alert(SSL *ssl);
|
|
|
2911
2975
|
// determined by |direction|) using the keys generated by the TLS KDF. The
|
|
2912
2976
|
// |key_block_cache| argument is used to store the generated key block, if
|
|
2913
2977
|
// empty. Otherwise it's assumed that the key block is already contained within
|
|
2914
|
-
// it.
|
|
2915
|
-
|
|
2916
|
-
|
|
2917
|
-
|
|
2918
|
-
|
|
2919
|
-
|
|
2920
|
-
|
|
2978
|
+
// it. It returns true on success or false on error.
|
|
2979
|
+
bool tls1_configure_aead(SSL *ssl, evp_aead_direction_t direction,
|
|
2980
|
+
Array<uint8_t> *key_block_cache,
|
|
2981
|
+
const SSL_SESSION *session,
|
|
2982
|
+
Span<const uint8_t> iv_override);
|
|
2983
|
+
|
|
2984
|
+
bool tls1_change_cipher_state(SSL_HANDSHAKE *hs,
|
|
2985
|
+
evp_aead_direction_t direction);
|
|
2921
2986
|
int tls1_generate_master_secret(SSL_HANDSHAKE *hs, uint8_t *out,
|
|
2922
2987
|
Span<const uint8_t> premaster);
|
|
2923
2988
|
|
|
@@ -3307,17 +3372,10 @@ struct ssl_ctx_st {
|
|
|
3307
3372
|
// protocols from the peer.
|
|
3308
3373
|
bool allow_unknown_alpn_protos : 1;
|
|
3309
3374
|
|
|
3310
|
-
// ed25519_enabled is whether Ed25519 is advertised in the handshake.
|
|
3311
|
-
bool ed25519_enabled : 1;
|
|
3312
|
-
|
|
3313
3375
|
// false_start_allowed_without_alpn is whether False Start (if
|
|
3314
3376
|
// |SSL_MODE_ENABLE_FALSE_START| is enabled) is allowed without ALPN.
|
|
3315
3377
|
bool false_start_allowed_without_alpn : 1;
|
|
3316
3378
|
|
|
3317
|
-
// ignore_tls13_downgrade is whether a connection should continue when the
|
|
3318
|
-
// server random signals a downgrade.
|
|
3319
|
-
bool ignore_tls13_downgrade:1;
|
|
3320
|
-
|
|
3321
3379
|
// handoff indicates that a server should stop after receiving the
|
|
3322
3380
|
// ClientHello and pause the handshake in such a way that |SSL_get_error|
|
|
3323
3381
|
// returns |SSL_ERROR_HANDOFF|.
|
|
@@ -3438,10 +3496,12 @@ struct ssl_session_st {
|
|
|
3438
3496
|
// the peer, or zero if not applicable or unknown.
|
|
3439
3497
|
uint16_t peer_signature_algorithm = 0;
|
|
3440
3498
|
|
|
3441
|
-
//
|
|
3442
|
-
// session. In TLS 1.3 and up, it is the resumption
|
|
3443
|
-
|
|
3444
|
-
|
|
3499
|
+
// secret, in TLS 1.2 and below, is the master secret associated with the
|
|
3500
|
+
// session. In TLS 1.3 and up, it is the resumption PSK for sessions handed to
|
|
3501
|
+
// the caller, but it stores the resumption secret when stored on |SSL|
|
|
3502
|
+
// objects.
|
|
3503
|
+
int secret_length = 0;
|
|
3504
|
+
uint8_t secret[SSL_MAX_MASTER_KEY_LENGTH] = {0};
|
|
3445
3505
|
|
|
3446
3506
|
// session_id - valid?
|
|
3447
3507
|
unsigned session_id_length = 0;
|
|
@@ -3526,9 +3586,18 @@ struct ssl_session_st {
|
|
|
3526
3586
|
|
|
3527
3587
|
// early_alpn is the ALPN protocol from the initial handshake. This is only
|
|
3528
3588
|
// stored for TLS 1.3 and above in order to enforce ALPN matching for 0-RTT
|
|
3529
|
-
// resumptions.
|
|
3589
|
+
// resumptions. For the current connection's ALPN protocol, see
|
|
3590
|
+
// |alpn_selected| on |SSL3_STATE|.
|
|
3530
3591
|
bssl::Array<uint8_t> early_alpn;
|
|
3531
3592
|
|
|
3593
|
+
// local_application_settings, if |has_application_settings| is true, is the
|
|
3594
|
+
// local ALPS value for this connection.
|
|
3595
|
+
bssl::Array<uint8_t> local_application_settings;
|
|
3596
|
+
|
|
3597
|
+
// peer_application_settings, if |has_application_settings| is true, is the
|
|
3598
|
+
// peer ALPS value for this connection.
|
|
3599
|
+
bssl::Array<uint8_t> peer_application_settings;
|
|
3600
|
+
|
|
3532
3601
|
// extended_master_secret is whether the master secret in this session was
|
|
3533
3602
|
// generated using EMS and thus isn't vulnerable to the Triple Handshake
|
|
3534
3603
|
// attack.
|
|
@@ -3546,6 +3615,17 @@ struct ssl_session_st {
|
|
|
3546
3615
|
// is_server is whether this session was created by a server.
|
|
3547
3616
|
bool is_server : 1;
|
|
3548
3617
|
|
|
3618
|
+
// is_quic indicates whether this session was created using QUIC.
|
|
3619
|
+
bool is_quic : 1;
|
|
3620
|
+
|
|
3621
|
+
// has_application_settings indicates whether ALPS was negotiated in this
|
|
3622
|
+
// session.
|
|
3623
|
+
bool has_application_settings : 1;
|
|
3624
|
+
|
|
3625
|
+
// quic_early_data_context is used to determine whether early data must be
|
|
3626
|
+
// rejected when performing a QUIC handshake.
|
|
3627
|
+
bssl::Array<uint8_t> quic_early_data_context;
|
|
3628
|
+
|
|
3549
3629
|
private:
|
|
3550
3630
|
~ssl_session_st();
|
|
3551
3631
|
friend void SSL_SESSION_free(SSL_SESSION *);
|